Overview¶
IMS allows you to create encrypted images to ensure data security.
Note
To use the image encryption function, you must apply for KMS Administrator permissions. For details, see Creating a User and Granting Permissions.
Constraints¶
KMS must be enabled.
If an encrypted image needs to be shared with other tenants, the key of the image must be a custom key instead of the default key ims/default.
The system disk of an ECS created from an encrypted image is also encrypted, and its key is the same as the image key.
If an ECS has an encrypted system disk, private images created from the ECS are also encrypted.
The key used for encrypting an image cannot be changed.
If the key used for encrypting an image is disabled or deleted, the image is unavailable.