KMS
Key Management Service (KMS) is an end-to-end service platform for key management, data encryption, and secret management. KMS provides simple, reliable, secure, and standard-compliant capabilities to encrypt and protect data and manage secrets. KMS helps reduce the costs of procurement, operations and maintenance (O&M), and research and development (R&D) of cryptographic infrastructure, data encryption products, and secrets management products. This way, you can focus on the development of your business.
Category | Feature | Description | References |
Key Management Service (KMS) | Instance management | Allows you to enable, view, and upgrade KMS instances, and enable security audit for KMS instances. | |
Key management | Allows you to manage keys in a secure manner and use keys to perform cryptographic operations. You can manage keys that are required for server-side data encryption in Alibaba Cloud services. You can also use keys to perform cryptographic operations such as signing and verification, data encryption, and data decryption in self-managed applications. | ||
Secret management | Allows you to encrypt and store secrets, regularly rotate secrets, distribute secrets in a secure manner, and manage secrets in a centralized manner. This helps prevent risks that are caused by secrets in plaintext in your applications. Secret rotation can effectively mitigate the adverse impacts of secret leaks. | ||
Tag management | Allows you to add tags to keys and secrets. | ||
Backup management | Allows you to back up keys and secrets. This helps you quickly restore data and prevent data loss in scenarios such as accidental deletion and disaster recovery. | ||
Application management | Allows you to implement fine-grained permission control for applications to access KMS resources. | - | |
Simple Log Service for KMS | Allows you to query and analyze logs of KMS instances in the KMS console and store logs for up to 180 days. The Simple Log Service for KMS feature is developed based on Simple Log Service. |