"action": [ "name/kms:CreateKey", "name/kms:ListKey", "name/kms:GetKeyAttributes", "name/kms:SetKeyAttributes" ], "resource": "*", "effect": "allow" } ] }
alicloud_kms_client_key:创建应用身份凭证的资源定义。 alicloud_kms_policy:创建访问控制策略。 通过Terraform创建应用接入点 本示例将在KMS实例中创建一个应用接入点。 创建一个工作目录,并且在工作目录中创建以下名为main.tf的配置文件。main.tf是Terraform主文件,定义了将要部署的资源。在此之前,请确保您已创建KM...
密钥标识符 (KeyId) 密钥标识符用作 KMS 密钥的名称。它们可帮助您在控制台中识别 KMS 密钥。您可以使用它们来指示要在 AWS KMS API 操作、密钥策略、IAM policy 和授权中使用的 KMS 密钥。密钥标识符值跟与 KMS 密钥关联的密钥材料完全无关。 AWS KMS 定义了几个密钥标识符。创建 KMS 密钥时, AWS KMS 会...
Last Used DynamoDB table used to store the date and time of when a KMS key was last used ReadOnly DynamoDB IAM Role with a default name of ReadDynamoDB-Role Write Access DynamoDB IAM role used to Put objects. Default name of putToDynamoRole security-account-kmsread-lambda.yaml Deploys...
alicloud_kms_key:创建并管理应用身份凭证。 alicloud_kms_alias:创建并管理别名。 通过Terraform创建凭据 重要 建议您对secret_data(凭据值)设置sensitive = true以避免将敏感的凭据值在日志或控制台中打印。更多介绍请参考保护敏感输入变量(Protect Sensitive Input Variables)。
使用该CreateKey操作创建 KMS 密钥时,您可以使用其Policy参数来指定密钥策略,该策略向外部账户或外部用户和角色授予使用 KMS 密钥的权限。 在中创建 KMS 密钥时 AWS Management Console,还会创建其密钥策略。当您在密钥管理员和密钥用户部分中选择身份时, AWS KMS 会将这些身份的策略语句添加到 KMS 密钥的密钥策略...
To use KMS, a KMS host needs a key that activates, or authenticates, the KMS host with Microsoft. This key is sometimes referred to as the KMS host key, but is formally known as a Microsoft Customer Specific Volume License Key (CSVLK). You can get this key from the Product Keys secti...
Example Modify the automatic update period of the master keys. developer:/>change kms key_update_period key_type=master_key update_period=90 Command executed successfully. System Response None Перевод Коллекция Загрузитьдокумент Обновлено:20...
To use KMS, a KMS host needs a key that activates, or authenticates, the KMS host with Microsoft. This key is sometimes referred to as the KMS host key, but is formally known as a Microsoft Customer Specific Volume License Key (CSVLK). You can get this key from the Product Keys secti...
With SSE-KMS, OBS uses the keys provided by Key Management Service (KMS) for server-side encryption. You can create custom keys on KMS to encrypt your objects. If you do