doc-exports/docs/kms/umn/dew_01_0017.html

<a name="dew_01_0017"></a><a name="dew_01_0017"></a>

<h1 class="topictitle1">Related Services</h1>
<div id="body1481523501205"><div class="section" id="dew_01_0017__section144016137361"><h4 class="sectiontitle">Related Services</h4><p id="dew_01_0017__p146745235357">KMS provides CMK management and encryption capabilities for cloud services. The following table lists the cloud services that can use KMS for encryption.</p>

<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="dew_01_0017__table20444146124420" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Cloud services supported by KMS</caption><thead align="left"><tr id="dew_01_0017__dew_01_0016_row6245203615610"><th align="left" class="cellrowborder" valign="top" width="19.93%" id="mcps1.3.1.3.2.4.1.1"><p id="dew_01_0017__dew_01_0016_p122453366612">Service</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="58.199999999999996%" id="mcps1.3.1.3.2.4.1.2"><p id="dew_01_0017__dew_01_0016_p32456364612">How to Use</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="21.87%" id="mcps1.3.1.3.2.4.1.3"><p id="dew_01_0017__dew_01_0016_p5883151918180">Reference</p>
</th>
</tr>
</thead>
<tbody><tr id="dew_01_0017__dew_01_0016_row624517361619"><td class="cellrowborder" valign="top" width="19.93%" headers="mcps1.3.1.3.2.4.1.1 "><p id="dew_01_0017__dew_01_0016_p92457362614">Object Storage Service (OBS)</p>
</td>
<td class="cellrowborder" valign="top" width="58.199999999999996%" headers="mcps1.3.1.3.2.4.1.2 "><p id="dew_01_0017__dew_01_0016_p57692822165925">You can upload objects to and download them from OBS in common mode or server-side encryption mode. When you upload objects in encryption mode, data is encrypted at the server side and then securely stored on OBS in ciphertext. When you download encrypted objects, the data in ciphertext is decrypted at the server side and then provided to you in plaintext. OBS supports the server-side encryption with KMS-managed keys (SSE-KMS). In this mode, OBS uses the keys provided by KMS for server-side encryption.</p>
</td>
<td class="cellrowborder" valign="top" width="21.87%" headers="mcps1.3.1.3.2.4.1.3 "><p id="dew_01_0017__dew_01_0016_p621125372111"><i><cite id="dew_01_0017__dew_01_0016_cite1988611011197">Object Storage Service Console Operation Guide</cite></i></p>
</td>
</tr>
<tr id="dew_01_0017__dew_01_0016_row1124517361262"><td class="cellrowborder" valign="top" width="19.93%" headers="mcps1.3.1.3.2.4.1.1 "><p id="dew_01_0017__dew_01_0016_p224553614611">Elastic Volume Service (EVS)</p>
</td>
<td class="cellrowborder" valign="top" width="58.199999999999996%" headers="mcps1.3.1.3.2.4.1.2 "><p id="dew_01_0017__dew_01_0016_p5195880517016">If you enable the encryption function when creating an EVS disk, the disk will be encrypted with the DEK generated by using your CMK. Data stored in the EVS disk will be automatically encrypted.</p>
</td>
<td class="cellrowborder" valign="top" width="21.87%" headers="mcps1.3.1.3.2.4.1.3 "><p id="dew_01_0017__dew_01_0016_p10587155122318"><i><cite id="dew_01_0017__dew_01_0016_cite12788565239">Elastic Volume Service User Guide</cite></i></p>
</td>
</tr>
<tr id="dew_01_0017__dew_01_0016_row924520361862"><td class="cellrowborder" valign="top" width="19.93%" headers="mcps1.3.1.3.2.4.1.1 "><p id="dew_01_0017__dew_01_0016_p17246136469">Image Management Service (IMS)</p>
</td>
<td class="cellrowborder" valign="top" width="58.199999999999996%" headers="mcps1.3.1.3.2.4.1.2 "><p id="dew_01_0017__dew_01_0016_p2031176417022">When creating a private image using an external image file, you can enable the private image encryption function and select a CMK provided by KMS to encrypt the image.</p>
</td>
<td class="cellrowborder" valign="top" width="21.87%" headers="mcps1.3.1.3.2.4.1.3 "><p id="dew_01_0017__dew_01_0016_p1514225482715"><i><cite id="dew_01_0017__dew_01_0016_cite19478185415278">Image Management Service User Guide</cite></i></p>
</td>
</tr>
<tr id="dew_01_0017__dew_01_0016_row02465361618"><td class="cellrowborder" valign="top" width="19.93%" headers="mcps1.3.1.3.2.4.1.1 "><p id="dew_01_0017__dew_01_0016_p9246133619613">Scalable File Service (SFS)</p>
</td>
<td class="cellrowborder" valign="top" width="58.199999999999996%" headers="mcps1.3.1.3.2.4.1.2 "><p id="dew_01_0017__dew_01_0016_p102319261638">When creating a file system on SFS, the CMK provided by KMS can be selected to encrypt the file system, so that files stored in the file system are automatically encrypted.</p>
</td>
<td class="cellrowborder" valign="top" width="21.87%" headers="mcps1.3.1.3.2.4.1.3 "><p id="dew_01_0017__dew_01_0016_p13206114443015"><i><cite id="dew_01_0017__dew_01_0016_cite8697450163018">Scalable File Service User Guide</cite></i></p>
</td>
</tr>
<tr id="dew_01_0017__dew_01_0016_row32461936262"><td class="cellrowborder" valign="top" width="19.93%" headers="mcps1.3.1.3.2.4.1.1 "><p id="dew_01_0017__dew_01_0016_p2246936568">Relational Database Service (RDS)</p>
</td>
<td class="cellrowborder" valign="top" width="58.199999999999996%" headers="mcps1.3.1.3.2.4.1.2 "><p id="dew_01_0017__dew_01_0016_p833055014464">When purchasing a database instance, you can enable the disk encryption function of the database instance and select a CMK created on KMS to encrypt the disk of the database instance. Enabling the disk encryption function will enhance data security.</p>
</td>
<td class="cellrowborder" valign="top" width="21.87%" headers="mcps1.3.1.3.2.4.1.3 "><p id="dew_01_0017__dew_01_0016_p474318343316"><i><cite id="dew_01_0017__dew_01_0016_cite9874118193317">Relational Database Service User Guide</cite></i></p>
</td>
</tr>
<tr id="dew_01_0017__dew_01_0016_row13851202164517"><td class="cellrowborder" valign="top" width="19.93%" headers="mcps1.3.1.3.2.4.1.1 "><p id="dew_01_0017__dew_01_0016_p685252112459">Document Database Service (DDS)</p>
</td>
<td class="cellrowborder" valign="top" width="58.199999999999996%" headers="mcps1.3.1.3.2.4.1.2 "><p id="dew_01_0017__dew_01_0016_p2037916913468">When purchasing a DDS instance, you can enable the disk encryption function of the instance and select a CMK created on KMS to encrypt the disk of the instance. Enabling the disk encryption function will enhance data security.</p>
</td>
<td class="cellrowborder" valign="top" width="21.87%" headers="mcps1.3.1.3.2.4.1.3 "><p id="dew_01_0017__dew_01_0016_p1285664023518"><i><cite id="dew_01_0017__dew_01_0016_cite3332114710353">Document Database Service User Guide</cite></i></p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="dew_01_0017__section167594619305"><h4 class="sectiontitle">CTS</h4><p id="dew_01_0017__p52125173103447">CTS provides you with a history of KMS operations. After the CTS service is enabled, you can view all generated traces to review and audit performed KMS operations. For details, see the <i><cite id="dew_01_0017__cite82961142239">Cloud Trace Service User Guide</cite></i>.</p>
</div>
<div class="section" id="dew_01_0017__section4573770192847"><h4 class="sectiontitle">IAM</h4><p id="dew_01_0017__p123907173191">IAM provides permission management for KMS.</p>
<p id="dew_01_0017__p0867319181911">Only users who have KMS Administrator permissions can use KMS.</p>
<p id="dew_01_0017__p1054201119298">To apply for permissions, contact a user with Security Administrator permissions. For details, see <i><cite id="dew_01_0017__cite2953164116374">Identity and Access Management User Guide</cite></i>.</p>
</div>
<div class="section" id="dew_01_0017__section13683170172541"><h4 class="sectiontitle">SMN</h4><p id="dew_01_0017__p7930422172534">Simple Message Notification (SMN) provides the notification function. When a selected event is triggered for the target secret, CSMS sends a notification through SMN.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dew_01_0091.html">Service Overview</a></div>
</div>
</div>