Key Management Service quickstart
- Print
- PDF
Key Management Service quickstart
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Available in Classic and VPC
Key Management Service in NAVER Cloud Platform makes it easy to create, operate, and manage keys. You can see how to do so in getting started with Key Management Service and using Key Management Service, but we recommend taking a look at the Key Management Service quickstart first. Learning the usage scenarios before checking the usage methods will help you utilize Key Management Service more effectively. Key Management Service's entire order and the description for each step are the following:
1. Set usage permissions
2. Create keys
3. Manage keys
4. Call APIs
5. Delete keys
The entire scenario of using Key Management Service is closely related to the life cycle of a key. For more information about the life cycle of a key and an explanation of the terms used, see using Key Management Service and Key Management Service glossary.
1. Set usage permissions
Set the permission setting to use keys. The Key Management Service's permissions are defined by adding policies to the "sub account" issued by NAVER Cloud Platform’s Sub Account. Thus, you need to first create sub accounts other than your main account through Sub Account.
Note
Sub Account is a service provided free of charge upon subscription request. For a detailed description of Sub Account and its pricing plans, see Services > Management & Governance > Sub Account on the NAVER Cloud Platform portal.
To use Key Management Service smoothly, permissions required for function execution are needed. Key Management Service permissions can be managed through Sub Account on NAVER Cloud Platform, and are available as predefined System Managed policiesand User Created policiesthat you define by selecting the required permissions for yourself. To use Key Management Service safely, it is recommended that you configure and manage the minimum number of permissions required to use the service. You can refer to the following user guides for managing permissions:
2. Create keys
You can create keys. You can refer to the following user guide:
- Create key in Using Key Management Service
3. Manage keys
You can check the list of keys created and proceed with their operation and management. You can check and change the status of keys according to their lifecycle, or rotate keys for security to control versions. You can also monitor usage history to ensure that issued keys are being operated appropriately. You can refer to the following guides:
- Key status in the Using Key Management Service
- Manage key version in the Using Key Management Service
- View history keys in the Using Key Management Service
4. Call API
You can use the encryption/decryption and signing/validation features using the keys you create through the REST APIs provided by the Key Management Service. You can refer to the following guides:
- Key Management Service API guide
- Key Management Service examples
- Cautions for APIs Key management, Downloading Java SDKs in the Key Management Service prerequisites
5. Delete keys
Keys that are no longer in use can be requested to be deleted for misuse prevention and security. When a deletion request is received, it is automatically deleted after a 72-hour waiting period. If waiting for deletion is not required, immediate deletion is also possible.
Caution
Once deleted, the key is permanently deleted and can't be restored, so please choose carefully. When an encryption key is deleted, the encrypted data cannot be decrypted with that key, meaning the deletion of an encryption key results in the loss of encrypted data.
You can refer to the following user guide:
- Delete keys in the Using Key Management Service
Was this article helpful?