• Cloud Trace Service

cts
  1. Help Center
  2. Cloud Trace Service
  3. User Guide
  4. Supported Services and Operation Lists
  5. Security
  6. Key Operations of KMS

Key Operations on KMS

Key Management Service (KMS) is a secure and reliable key hosting service used to provide central management of users' masker keys.

With CTS, you can record operations associated with KMS for future query, audit, and backtrack operations.
Table 1 KMS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a secret key

cmk

createKey

Creating a data key

cmk

createDataKey

Creating a plaintext-free data key

cmk

createDataKeyWithoutPlaintext

Enabling a secret key

cmk

enableKey

Disabling a secret key

cmk

disableKey

Encrypting a data key

cmk

encryptDataKey

Decrypting a data key

cmk

decryptDataKey

Scheduling the deletion of a secret key

cmk

scheduleKeyDeletion

Canceling the scheduled deletion of a secret key

cmk

cancelKeyDeletion

Changing the alias of a key

cmk

updateKeyAlias

Modifying the description of a key

cmk

updateKeyDescription

Precautions for deleting a key

cmk

deleteKeyRiskTips

Creating an agency

cmk

createGrant

Retiring a grant

cmk

retireGrant

Revoking a grant

cmk

revokeGrant

Creating random data

rng

genRandom