gtema
83150ed5aa
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: gtema <artem.goncharov@gmail.com> Co-committed-by: gtema <artem.goncharov@gmail.com>
24 KiB
Encryption Key Management
API |
API Function |
Permission |
|---|---|---|
POST /v1.0/{project_id}/kms/create-key |
Creates a CMK. |
kms:cmk:create |
POST /v1.0/{project_id}/kms/enable-key |
Enables a CMK. |
kms:cmk:enable |
POST /v1.0/{project_id}/kms/disable-key |
Disables a CMK. |
kms:cmk:disable |
POST /v1.0/{project_id}/kms/schedule-key-deletion |
Schedules the deletion of a CMK. |
kms:cmk:update |
POST /v1.0/{project_id}/kms/cancel-key-deletion |
Cancels the scheduled deletion of a CMK. |
kms:cmk:update |
POST /v1.0/{project_id}/kms/list-keys |
Queries the list of CMKs. |
kms:cmk:list |
POST /v1.0/{project_id}/kms/describe-key |
Queries the CMK information. |
kms:cmk:get |
POST /v1.0/{project_id}/kms/gen-random |
Generates a random number. |
kms:cmk:generate |
POST /v1.0/{project_id}/kms/create-datakey |
Creates a DEK. |
kms:dek:create |
POST /v1.0/{project_id}/kms/create-datakey-without-plaintext |
Creates a plaintext-free DEK. |
kms:dek:create |
POST /v1.0/{project_id}/kms/encrypt-datakey |
Encrypts a DEK. |
kms:dek:crypto |
POST /v1.0/{project_id}/kms/decrypt-datakey |
Decrypts a DEK. |
kms:dek:crypto |
GET /v1.0/{project_id}/kms/user-instances |
Queries the number of instances. |
kms:cmk:getInstance |
GET /v1.0/{project_id}/kms/user-quotas |
Queries the user quota. |
kms:cmk:getQuota |
POST /v1.0/{project_id}/kms/update-key-alias |
Modifies the CMK alias. |
kms:cmk:update |
POST /v1.0/{project_id}/kms/update-key-description |
Modifies the description of a CMK. |
kms:cmk:update |
POST /v1.0/{project_id}/kms/create-grant |
Creates a grant. |
kms:grant:create |
POST /v1.0/{project_id}/kms/revoke-grant |
Revokes a grant. |
kms:grant:revoke |
POST /v1.0/{project_id}/kms/retire-grant |
Retires a grant. |
kms:grant:retire |
POST /v1.0/{project_id}/kms/list-grants |
Queries the grant list of a CMK. |
kms:grant:list |
POST /v1.0/{project_id}/kms/list-retirable-grants |
Queries the list of grants that can be retired. |
kms:grant:list |
POST /v1.0/{project_id}/kms/encrypt-data |
Encrypts data. |
kms:cmk:crypto |
POST /v1.0/{project_id}/kms/decrypt-data |
Decrypts data. |
kms:cmk:crypto |
POST /v1.0/{project_id}/kms/get-parameters-for-import |
Obtains parameters for importing a key. |
kms:cmk:getMaterial |
POST /v1.0/{project_id}/kms/import-key-material |
Imports key material. |
kms:cmk:importMaterial |
POST /v1.0/{project_id}/kms/delete-imported-key-material |
Deletes key material. |
kms:cmk:deleteMaterial |
POST /v1.0/{project_id}/kms/enable-key-rotation |
Enables key rotation. |
kms:cmk:enableRotation |
POST /v1.0/{project_id}/kms/update-key-rotation-interval |
Modifies the rotation interval. |
kms:cmk:updateRotation |
POST /v1.0/{project_id}/kms/disable-key-rotation |
Disables key rotation. |
kms:cmk:disableRotation |
POST /v1.0/{project_id}/kms/get-key-rotation-status |
Queries the key rotation status. |
kms:cmk:getRotation |
POST /v1.0/{project_id}/kms/resource_instances/action |
Queries key resource instances. |
kms:cmkTag:listInstance |
GET /v1.0/{project_id}/kms/{key_id}/tags |
Queries tags of a key. |
kms:cmkTag:list |
GET /v1.0/{project_id}/kms/tags |
Queries the project tags. |
kms:cmkTag:list |
POST /v1.0/{project_id}/kms/{key_id}/tags/action |
Adds or deletes key tags in batches. |
kms:cmkTag:batch |
POST /v1.0/{project_id}/kms/{key_id}/tags |
Adds tags to a key. |
kms:cmkTag:create |
POST /v1.0/{project_id}/kms/{ key_id }/tags/{key} |
Deletes tags of a key. |
kms:cmkTag:delete |