Key Management Service scenarios

Available in Classic and VPC

Key Management Service in NAVER Cloud Platform makes it easy to create, operate, and manage keys. You can see how to do so in Getting started with Key Management Service and Using Key Management Service, but we recommend taking a look at the usage scenario of Key Management Service first. If you check out how to use after learning the user scenario, you can use Key Management Service more smoothly. Key Management Service's entire order and the description for each step are the following:

1. Set usage permissions
2. Create keys
3. Manage keys
4. Call APIs
5. Delete keys

The entire scenario of using Key Management Service is closely related to the life cycle of a key. For more information about the life cycle of a key and an explanation of the terms used, see Using Key Management Service and Key Management Service glossary.

1. Set usage permissions

Set the permission setting to use keys. The Key Management Service's permissions are defined by adding policies to the "sub account" issued by NAVER Cloud Platform’s Sub Account. Thus, you need to first create sub accounts other than your main account through Sub Account.

To use the Key Management Service smoothly, you need the permissions required to perform its features. Key Management Service permissions can be managed through Sub Account on NAVER Cloud Platform, and are available as predefined System Managed policies and User Created policies that you define by selecting the required permissions for yourself. To use Key Management Service safely, it is recommended that you configure and manage the minimum number of permissions required to use the service. You can refer to the following user guides for managing permissions:

• Managing Key Management Service permissions
• Sub Account Guide

2. Create keys

You can create keys. You can refer to the following guide.

• Create key in Using Key Management Service

3. Manage keys

You can check the list of keys created and proceed with their operation and management. You can check and change the status of keys according to their lifecycle, or rotate keys for security to control versions. You can also monitor usage history to ensure that issued keys are being operated appropriately. You can refer to the following guide.

• Key status in the Using Key Management Service
• Manage key version in the Using Key Management Service
• View history keys in the Using Key Management Service

4. Call APIs

You can use the encryption/decryption and signing/verification features using the keys you create through the Rest API provided by the Key Management Service. Key Management Service APIs are called through the API Gateway. You can refer to the following guide.

• Key Management Service API guide
• API Gateway user guide
• Key Management Service examples
• Cautions for API Key management, Downloading Java SDK in the Prerequisites for using Key Management Service

5. Delete keys

Keys that are no longer in use can be requested to be deleted for misuse prevention and security. When a deletion request is received, it is automatically deleted after a 72-hour waiting period. If you don't need to wait for deletion, you can delete it immediately.

You can refer to the following guide.

• Delete keys in the Using Key Management Service