Key Management Service prerequisites
- Print
- PDF
Key Management Service prerequisites
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
The latest service changes have not yet been reflected in this content. We will update the content as soon as possible. Please refer to the Korean version for information on the latest updates.
Available in Classic and VPC
Check supported environments, pricing plans, and service limits, etc., for best usage of Key Management Service.
Cloud environment specifications
The Cloud environment specifications that Key Management Service supports are as follows:
| Item | Specifications |
|---|---|
| Region (zone) | Korea (KR-1, KR-2), U.S., Singapore, Japan, and Germany |
| Platform | VPC, Classic |
| Languages | Korean, English, and Japanese |
Service Region and platform confirmation
Before using the Key Management Service console, check your Region and platform.
- From the NAVER Cloud Platform console's Region menu, click and select the Region you're using.
- From the Platform menu, click and select one of VPC and Classic.
Precautions on API credential management
Key Management Service's encryption/decryption functions can be used via REST APIs. When accessing programmatically, APIs credentials are used to authenticate users or requests. API credentials can use sub-account information or tokens, and API Gateway's API key may be used as needed.
- Sub-account information: sub-account's Access key, Secret key, and API key (optional)
- Token: refresh token and access token
For API credentials, the sub account's access key, secret key, and the API key of the API are used. The Access Key and Secret Key of the Sub Account can be checked on the sub account details screen of the Sub Account, and the API key of the API can be created or checked in the API Keys of the API Gateway. Key Management Service authentication tokens can be managed and used through the console's key management menu or REST APIs.
Anyone with information used in APIs credentials can access them with the same permissions as the owner of the corresponding key in Key Management Service. Therefore, users with Key Management Service permissions must make efforts to comply with the cloud responsibility sharing model when using.
Note
For description of NAVER Cloud Platform and the user's cloud shared responsibility model, see the Security center of NAVER Cloud Platform portal.
Precautions when using API credentials are as follows:
- APIs credential information (sub-account's Access Key, Secret Key, and tokens) should not be directly included in code.
- Different credentials must be used for each service name or application.
- API credential information must be renewed periodically.
- You must periodically check the key usage history of Key Management Service to check for unauthorized API calls.
- Unused APIs credential information should be discarded immediately.
- If credentials are leaked, damage should be minimized by immediately changing the sub-account's credential values or performing procedures to revoke the token generator.
Download Java SDKs
Key Management Service's Rest API provides Java SDKs (Maven project). Use the SDKs to easily call the Key Management Service API through the API Gateway. To download the Key Management Service Java Client SDKs file, check the information and click Download.
| Date of publication | Name | Extension | Size | Version | Composition | System requirements | File |
|---|---|---|---|---|---|---|---|
| July 21, 2022 | KMS-client-sdk-1.2 | zip | 29 KB | - | - | - | Download |
| January 11, 2024 | KMS-client-sdk-1.3 | zip | 163 KB | - | - | - | Download |
Usage fees
Key Management Service is provided on a pay-per-use basis. For detailed standards for Key Management Service usage fees, please see Portal > Services > Security > Key Management Servicee or Portal > Fees.
Was this article helpful?