• API White Paper

wp
  1. Help Center
  2. API White Paper
  3. API Reference
  4. Open Telekom Cloud API Overview
  5. Open Telekom Cloud KMS API Overview

Open Telekom Cloud KMS API Overview

Key Management Service (KMS) provides a centralized key management service. Interworking with the static data storage service on the cloud platform, KMS uses international standard password algorithms to encrypt the data of tenants, preventing unauthorized access and safeguarding data. The following figure shows the KMS architecture.

KMS:

  • Provides cloud services and tenants with the basic key management functions, including securely creating, storing, encrypting and decrypting, enabling, disabling, and deleting keys.
  • Constructs a key management system based on highly secure third-party hardware security modules (HSMs), and uses external database clusters to extend the key management capability of HSMs.
  • Uses the Kmserver cluster to coordinate databases and HSMs, providing a high-availability key management service.

Cloud services, including OBS and EVS, can access KMS through the API Gateway directly.

The KMS provides tenants with APIs for them to integrate into their own applications and therefore manage and use KMS resources on the public cloud.