简介

概述

密钥管理服务是百度智能云提供的一款密钥管理服务,您可以通过该项服务便捷、安全、可靠的在云上管理密钥类信息。

服务域名

KMS服务目前支持"华北-北京"、"华南-广州"和"华东-苏州"三个区域。

区域 访问Endpoint 协议
华北-北京 bkm.bj.baidubce.com HTTPS
华南-广州 bkm.gz.baidubce.com HTTPS
华东-苏州 bkm.su.baidubce.com HTTPS

公共请求头

头域 类型 说明
Authorization String 用于验证请求合法性的认证信息。更多参见鉴权认证
Content-Length String RFC2616中定义的HTTP请求内容的长度
Content-Type String RFC2616中定义的HTTP请求内容的类型
Content-MD5 String RFC2616定义的HTTP请求内容的MD5摘要,可以通过携带该字段来验证保存在KMS侧的文件和用户预期的文件是否一致
Date String HTTP 1.1协议中规定的GMT时间,如Wed, 06 Apr 2016 06:34:40 GMT
Host String 访问Host值,取值为访问区域对应的Endpoint
x-bce-date String 当前时间,遵循ISO8601规范,格式如2016-04-06T08:23:49Z

公共响应头

头域 类型 说明
Content-Length String RFC2616中定义的HTTP请求内容长度
Content-Type String RFC2616中定义的HTTP请求内容的类型
Connection String 服务器是否断开连接,取值为close或者keep-alive
Date String HTTP 1.1协议中规定的GMT时间,如Wed, 06 Apr 2016 06:34:40 GMT
Server String 服务器的名字,取值为BceKms
x-bce-request-id String 由BCE KMS创建,是请求BceKms的唯一标识
x-bce-debug-id String 由BCE KMS创建,用于帮助排除故障的标识ID,如果在使用KMS过程中遇到问题,可以在工单中提供该字段便于快速定位问题

错误码

当用户访问出错时,KMS返回的错误响应体如下:

{
    "code":"AccessDenied"
    "message":"Access denied"
    "requestId":"7ab2b34d-614d-478a-ba9b-3049ca7b6479"
}

公共错误码

HTTP状态码 错误码 消息 语义
403 Forbidden AccessDenied Access denied 拒绝访问
403 Forbidden SignatureDoesNotMatch The request signature we calculated does not match the signature you provided Authorization头域中附带的签名和服务端计算出的签名不一致
400 Bad Request InvalidHttpAuthHeader The HTTP authorization header is invalid Authorization头域格式错误
400 Bad Request MissingHttpAuthHeader You must provide the authorization header 缺少Authorization头域
403 Forbidden RequestExpired Request has expired 请求的时间戳过期
403 Forbidden InvalidAccessKeyId The Access Key ID you provided does not exist in our records 无效的Access Key Id
500 Internal Server Error InternalError We encountered an internal error Please try again 内部服务错误

密钥管理服务错误码

HTTP状态码 错误码 消息 语义
400 Bad Request MasterKeyNumExceed You have attempted to create more master keys than allowed Master Key数目超过限制
400 Bad Request InvalidPlaintext The plaintext you provided is invalid 无效的待加密明文
404 Not Found NoSuchMasterKey The specified master key does not exist 不存在该master key
400 Bad Request InvalidDescription The specified description is invalid 无效的master key描述
400 Bad Request NotImplemented The API has not been implemented yet 该接口不存在
400 Bad Request InvalidCiphertext The specified ciphertext is invalid 无效的待解密密文
400 Bad Request InvalidMasterKeyId The specified master key id is invalid 无效的Master Key Id
400 Bad Request MissingMasterKeyId You must provide the master key id 缺少Master Key Id字段
400 Bad Request PlaintextLengthExceed The length of plaintext exceeds the limit 待加密明文长度超过限制
400 Bad Request MissingPlaintext You must provide the plaintext 缺少明文字段
400 Bad Request InvalidKeyUsage The specified keyUsage is invalid 无效的keyUsage
400 Bad Request InvalidPendingWindowInDays The specified pending windows in days is invalid 指定的待删除天数非法
400 Bad Request InvalidListKeysLimit The specified limit of list keys is invalid 指定的罗列master key的数目限制无效
400 Bad Request MissingCiphertext You must provide the ciphertext 缺少待加密密文
400 Bad Request MissingNumberOfBytes You must provide the numberOfBytes 缺少生成密钥的长度的字段
400 Bad Request InvalidKeySpec The specified keySpec is invalid 非法的keySpec
400 Bad Request InvalidNumberOfBytes The specified numberOfBytes is invalid 无效的numberOfBytes
429 Too Many Requests Throttling The rate of your request exceed limit 访问被限速
400 Bad Request InvalidState The state of the specified key is invalid for your request 指定的Key状态无效
400 Bad Request InvalidJson The json is malformed or does not meet the requirements 可能是该json格式不正确,或者是不满足该接口要求
400 Bad Request InvalidMarker The marker you provided is invalid 无效的marker
400 Bad Request InvalidAction The specified action is not supported 请求参数中action参数的值无效
400 Bad Request unactivated The account has not activated the kms service 尚未激活KMS服务
400 Bad Request chargeOverDue this account charge is overdue 账户欠费