All Products
Search
Document Center

Key Management Service:Overview

Last Updated:Jan 19, 2024

Alibaba Cloud SDK allows you to construct HTTPS requests to manage Key Management Service (KMS) resources by calling API operations. This topic describes the programming languages and identity authentication methods supported by Alibaba Cloud SDK. This topic also describes how to download and install Alibaba Cloud SDK for different programming languages.

Introduction to Alibaba Cloud SDK

An application can use a KMS endpoint to access KMS and call API operations to perform the following operations. For more information, see List of operations by function.

  • Management operations: the operations to manage default keys and KMS instances, such as creating a key, creating a secret, creating a KMS instance, and changing key tags. To perform management operations in KMS, you must call Alibaba Cloud SDK.

  • Secret value retrieval: the operation to retrieve secret values in KMS.

Note

Users who use the old version of KMS can create keys and secrets without the need to purchase a KMS instance. Applications that are integrated with Alibaba Cloud SDK can use the created keys to perform cryptographic operations and retrieve values of the created secrets. For more information, see List of operations by function.

Supported programming languages

The following table describes the supported programming languages, and the download links and reference documentation of Alibaba Cloud SDK for different languages.

Supported programming language

Alibaba Cloud Darabonba SDK

Alibaba Cloud Classic SDK

Java

Download link:

Reference documentation: Get started with Alibaba Cloud Darabonba SDK for Java

Download link:

aliyun-java-sdk-kms

Reference documentation: Get started with Alibaba Cloud Classic SDK for Java

Python

Download link:

alibabacloud_kms20160120

Reference documentation: Get started with Alibaba Cloud Darabonba SDK for Python

Download link:

aliyun-python-sdk-kms

Reference documentation: Install the Classic SDK and its core library

C++

Download link:

kms-20160120

Reference documentation: none

Download link:

aliyun-openapi-cpp-sdk/kms

Reference documentation: none

PHP

Download link:

alibabacloud/kms-20160120

Reference documentation: Get started with Alibaba Cloud Darabonba SDK for PHP

Download link:

alibabacloud/kms

Reference documentation: Get started with Alibaba Cloud Classic SDK for PHP

.NET(C#)

Download link:

AlibabaCloud.SDK.Kms20160120

Reference documentation: Get started with Alibaba Cloud Darabonba SDK for .NET

Download link:

aliyun-net-sdk-kms

Reference documentation: Get started with Alibaba Cloud Classic SDK for .NET

Go

Download link:

kms-20160120

Reference documentation: Get started with Alibaba Cloud Darabonba SDK for Go

Download link:

alibaba-cloud-sdk-go

Reference documentation: Get started with Alibaba Cloud Classic SDK for Go

TypeScript

Download link:

kms20160120

Reference documentation: none

Not supported

Swift

Download link:

kms-20160120

Reference documentation: none

Not supported

Identity authentication methods

When you use Alibaba Cloud SDK, you must integrate authentication information into the SDK to ensure that your applications have permissions to call API operations. The following authentication methods are supported:

  • AccessKey pairs of Resource Access Management (RAM) users. For more information about how to create a RAM user and an AccessKey pair, see Create a RAM user and Create an AccessKey pair.

    When you create a RAM user for calling the SDK, you must select OpenAPI Access for the RAM user.

  • RAM roles whose trusted entity is an Alibaba Cloud service. For more information, see Create a RAM role for a trusted Alibaba Cloud service.

    When you create a RAM role for calling the SDK, you must select Normal Service Role for Role Type and the Alibaba Cloud service to which your application initiates API requests for Select Trusted Service.

Important

After you create a RAM user or a RAM role, you must attach a policy to the RAM user or the RAM role to allow access to KMS resources. For more information about policies, see Use RAM to manage access to KMS resources.