This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Security

1: Certificate Manager

1.1: CLIs

1.1.1: Check duplicate name

1.1.1.1: 1.1
1.1.1.2: 1.0

1.1.2: Create a certificate

1.1.2.1: 1.1
1.1.2.2: 1.0

1.1.3: Delete a certificate

1.1.3.1: 1.1
1.1.3.2: 1.0

1.1.4: Detail a certificate

1.1.4.1: 1.1
1.1.4.2: 1.0

1.1.5: List certificates

1.1.5.1: 1.1
1.1.5.2: 1.0

1.1.6: Self-sign a certificate

1.1.6.1: 1.1
1.1.6.2: 1.0

1.1.7: Validate a certificate

1.1.7.1: 1.1
1.1.7.2: 1.0

2: Config Inspection

2.1: CLIs

2.1.1: Create Config Inspection

2.1.1.1: 1.1
2.1.1.2: 1.0

2.1.2: Delete Config Inspection

2.1.2.1: 1.1
2.1.2.2: 1.0

2.1.3: Diagnosis Request

2.1.3.1: 1.1
2.1.3.2: 1.0

2.1.4: Get Diagnosis Object Detail

2.1.4.1: 1.1
2.1.4.2: 1.0

2.1.5: Get Diagnosis Result Detail

2.1.5.1: 1.1
2.1.5.2: 1.0

2.1.6: List Config Inspection

2.1.6.1: 1.1
2.1.6.2: 1.0

2.1.7: List Diagnosis Result

2.1.7.1: 1.1
2.1.7.2: 1.0

3: Key Management Service

3.1: CLIs

3.1.1: Change Rotate Info

3.1.1.1: 1.1
3.1.1.2: 1.0

3.1.2: Change State Of Key

3.1.2.1: 1.1
3.1.2.2: 1.0

3.1.3: Check Duplicate Name

3.1.3.1: 1.1
3.1.3.2: 1.0

3.1.4: Create Datakey

3.1.4.1: 1.1
3.1.4.2: 1.0

3.1.5: Create Key

3.1.5.1: 1.1
3.1.5.2: 1.0

3.1.6: Decrypt Data

3.1.6.1: 1.1
3.1.6.2: 1.0

3.1.7: Delete Key

3.1.7.1: 1.1
3.1.7.2: 1.0

3.1.8: Encrypt Data

3.1.8.1: 1.1
3.1.8.2: 1.0

3.1.9: List Keys

3.1.9.1: 1.1
3.1.9.2: 1.0

3.1.10: List Users

3.1.10.1: 1.1
3.1.10.2: 1.0

3.1.11: Make hmac

3.1.11.1: 1.1
3.1.11.2: 1.0

3.1.12: Rewrap Data

3.1.12.1: 1.1
3.1.12.2: 1.0

3.1.13: Rotate Key

3.1.13.1: 1.1
3.1.13.2: 1.0

3.1.14: Show Key

3.1.14.1: 1.1
3.1.14.2: 1.0

3.1.15: Sign Data

3.1.15.1: 1.1
3.1.15.2: 1.0

3.1.16: Update Description

3.1.16.1: 1.1
3.1.16.2: 1.0

3.1.17: Verify Data

3.1.17.1: 1.1
3.1.17.2: 1.0

3.1.18: Verify hmac with input

3.1.18.1: 1.1
3.1.18.2: 1.0

4: Secret Vault

4.1: CLIs

4.1.1: Create Secret Vault

4.1.1.1: 1.0

4.1.2: Delete Secret Vault

4.1.2.1: 1.0

4.1.3: List Secret Vaults

4.1.3.1: 1.0

4.1.4: Show Secret Vault

4.1.4.1: 1.0

5: Secrets Manager

5.1: CLIs

5.1.1: Create Secret

5.1.1.1: 1.0

5.1.2: Delete Secret

5.1.2.1: 1.0

5.1.3: Generate Random Password

5.1.3.1: 1.0

5.1.4: List Secrets

5.1.4.1: 1.0

5.1.5: List Versions of Secret

5.1.5.1: 1.0

5.1.6: Restore Secret

5.1.6.1: 1.0

5.1.7: Set CIDR of Secret

5.1.7.1: 1.0

5.1.8: Set Description of Secret

5.1.8.1: 1.0

5.1.9: Set KMS ID of Secret

5.1.9.1: 1.0

5.1.10: Set Label of Version

5.1.10.1: 1.0

5.1.11: Show Secret Detail

5.1.11.1: 1.0

5.1.12: Show Secret Value

5.1.12.1: 1.0

5.1.13: Update Secret Value

5.1.13.1: 1.0

1 - Certificate Manager

Overview

Provides a Command-line Interface (CLI) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Certificate Manager service and how to call CLI. The output is formatted as a JSON string

Version

Version	Status	Supported Until
1.0	SUPPORTED	20260531
1.1	CURRENT	-

1.1 - CLIs

1.1.1 - Check duplicate name

1.1.1.1 - 1.1

scpcli certificatemanager certificate check
--name <value>

Description

Check duplication name

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
name required	string	Certificate Name	-

Responses

Name	Description	Example
result	True, False Check	True

1.1.1.2 - 1.0

scpcli certificatemanager certificate check
--name <value>

Description

Check duplication name

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
name required	string	Certificate Name	-

Responses

Name	Description	Example
result	True, False Check	True

1.1.2 - Create a certificate

1.1.2.1 - 1.1

scpcli certificatemanager certificate create
--timezone <value>
--region <value>
--private_key <value>
--name <value>
--cert_body <value>
[--cert_chain <value>]
[--recipients <value>]
[--tags <value>]

Description

Create a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
timezone required	string	Timezone	`Asia/Seoul`
region required	string	Name of region	`west1`
private_key required	string	Private key	`<encoded private key data>`
name required	string	Certificate Name	`test-certificate`
cert_body required	string	Certificate body	`<encoded certificate body data>`
cert_chain optional	string	Certificate chain	`<encoded certificate chain data>`
recipients optional	array	Expired certificates Recipients	`'{"region": "", "user_id": "", "user_name": ""}'`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	b82909b3576449fda984fb25c3123542da
cert_body	Certificate body
cert_chain	Certificate chain
cert_kind	Certificate type	PRD
cert_type	Certificate type	pem
cert_version	Certificate Version	2
cn	Certificate Common Name	test.go.kr
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
key_bit_size	key bits size	2048
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
organization	Certificate Organization Name	samsungSDS
private_key	Private key
recipients	Expired certificates Recipients	[{‘region’: ‘’, ‘user_id’: ‘sdaFDQSDADZ2488e195c0e97d9b9eb’, ‘user_name’: ‘kildong.hong’}]
state	Certificate State	VALID
tags	Tag List’
user_name	User Name	kildong@samsung.com

1.1.2.2 - 1.0

scpcli certificatemanager certificate create
--timezone <value>
--region <value>
--private_key <value>
--name <value>
--cert_body <value>
[--cert_chain <value>]
[--recipients <value>]
[--tags <value>]

Description

Create a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
timezone required	string	Timezone	`Asia/Seoul`
region required	string	Name of region	`west1`
private_key required	string	Private key	`<encoded private key data>`
name required	string	Certificate Name	`test-certificate`
cert_body required	string	Certificate body	`<encoded certificate body data>`
cert_chain optional	string	Certificate chain	`<encoded certificate chain data>`
recipients optional	array	Expired certificates Recipients	`'{"region": "", "user_id": "", "user_name": ""}'`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	b82909b3576449fda984fb25c3123542da
cert_body	Certificate body
cert_chain	Certificate chain
cert_kind	Certificate type	PRD
cert_type	Certificate type	pem
cert_version	Certificate Version	2
cn	Certificate Common Name	test.go.kr
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
key_bit_size	key bits size	2048
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
organization	Certificate Organization Name	samsungSDS
private_key	Private key
recipients	Expired certificates Recipients	[{‘region’: ‘’, ‘user_id’: ‘sdaFDQSDADZ2488e195c0e97d9b9eb’, ‘user_name’: ‘kildong.hong’}]
state	Certificate State	VALID
tags	Tag List’
user_name	User Name	kildong@samsung.com

1.1.3 - Delete a certificate

1.1.3.1 - 1.1

scpcli certificatemanager certificate delete
--certificate_id <value>

Description

Delete a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
certificate_id required	string	Certificate ID	-

1.1.3.2 - 1.0

scpcli certificatemanager certificate delete
--certificate_id <value>

Description

Delete a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
certificate_id required	string	Certificate ID	-

1.1.4 - Detail a certificate

1.1.4.1 - 1.1

scpcli certificatemanager certificate detail
--certificate_id <value>

Description

Detail a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
certificate_id required	string	Certificate ID	-

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	b82909b3576449fda984fb25c3123542da
cert_body	Certificate body
cert_chain	Certificate chain
cert_kind	Certificate type	DEV
cert_type	Certificate type	pem
cert_version	Certificate Version	2
cn	Certificate Common Name	test.go.kr
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
key_bit_size	key bits size	2048
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
organization	Certificate Organization Name	samsungSDS
private_key	Private key
state	Certificate State	VALID
user_name	User Name	2048

1.1.4.2 - 1.0

scpcli certificatemanager certificate detail
--certificate_id <value>

Description

Detail a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
certificate_id required	string	Certificate ID	-

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	b82909b3576449fda984fb25c3123542da
cert_body	Certificate body
cert_chain	Certificate chain
cert_kind	Certificate type	DEV
cert_type	Certificate type	pem
cert_version	Certificate Version	2
cn	Certificate Common Name	test.go.kr
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
key_bit_size	key bits size	2048
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
organization	Certificate Organization Name	samsungSDS
private_key	Private key
state	Certificate State	VALID
user_name	User Name	2048

1.1.5 - List certificates

1.1.5.1 - 1.1

scpcli certificatemanager certificate list
[--size <value>]
[--page <value>]
[--sort <value>]
[--ismine <value>]
[--name <value>]
[--cn <value>]
[--state <value>]

Description

List Certificates

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
size optional	integer	size	`20`
page optional	integer	page	`0`
sort optional	string	sort	`created_at:desc`
ismine optional	boolean	Is it my certificate	-
name optional	string	Certificate Name	`test-certificate`
cn optional	string	Certificate Common Name	`test.go.kr`
state optional	array	Certificate State	`V`

Responses

Name	Description	Example
id	Certificate ID
cert_kind	Certificate type	PRD
cn	Certificate Common Name	test.go.kr
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
state	Certificate State	VALID

1.1.5.2 - 1.0

scpcli certificatemanager certificate list
[--size <value>]
[--page <value>]
[--sort <value>]
[--ismine <value>]
[--name <value>]
[--cn <value>]
[--state <value>]

Description

List Certificates

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
size optional	integer	size	`20`
page optional	integer	page	`0`
sort optional	string	sort	`created_at:desc`
ismine optional	boolean	Is it my certificate	-
name optional	string	Certificate Name	`test-certificate`
cn optional	string	Certificate Common Name	`test.go.kr`
state optional	array	Certificate State	`V`

Responses

Name	Description	Example
id	Certificate ID
cert_kind	Certificate type	PRD
cn	Certificate Common Name	test.go.kr
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
state	Certificate State	VALID

1.1.6 - Self-sign a certificate

1.1.6.1 - 1.1

scpcli certificatemanager certificate selfSign
--timezone <value>
--region <value>
--organization <value>
--not_before_dt <value>
--not_after_dt <value>
--name <value>
--cn <value>
[--recipients <value>]
[--tags <value>]

Description

Self-sign a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
timezone required	string	Timezone	`Asia/Seoul`
region required	string	Name of region	`west1`
organization required	string	Certificate Organization Name	`samsungSDS`
not_before_dt required	string	Certificate Start Date	`20250101`
not_after_dt required	string	Certificate Expire Date	`20251212`
name required	string	Certificate Name	`test-certificate`
cn required	string	Certificate Common Name	`test.go.kr`
recipients optional	array	Expired certificates Recipients	`'{"region": "", "user_id": "", "user_name": ""}'`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	b82909b3576449fda984fb25c3123542da
cert_body	Certificate body
cert_chain	Certificate chain
cert_kind	Certificate type	DEV
cert_type	Certificate type	pem
cert_version	Certificate Version	2
cn	Certificate Common Name	test.go.kr
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
key_bit_size	key bits size	2048
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
organization	Certificate Organization Name	samsungSDS
private_key	Private key
state	Certificate State	VALID
user_name	User Name	2048

1.1.6.2 - 1.0

scpcli certificatemanager certificate selfSign
--timezone <value>
--region <value>
--organization <value>
--not_before_dt <value>
--not_after_dt <value>
--name <value>
--cn <value>
[--recipients <value>]
[--tags <value>]

Description

Self-sign a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
timezone required	string	Timezone	`Asia/Seoul`
region required	string	Name of region	`west1`
organization required	string	Certificate Organization Name	`samsungSDS`
not_before_dt required	string	Certificate Start Date	`20250101`
not_after_dt required	string	Certificate Expire Date	`20251212`
name required	string	Certificate Name	`test-certificate`
cn required	string	Certificate Common Name	`test.go.kr`
recipients optional	array	Expired certificates Recipients	`'{"region": "", "user_id": "", "user_name": ""}'`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	b82909b3576449fda984fb25c3123542da
cert_body	Certificate body
cert_chain	Certificate chain
cert_kind	Certificate type	DEV
cert_type	Certificate type	pem
cert_version	Certificate Version	2
cn	Certificate Common Name	test.go.kr
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
key_bit_size	key bits size	2048
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Certificate Name	test-certificate
not_after_dt	Certificate Expire Date	2026-02-07T18:07:59
not_before_dt	Certificate Start Date	2025-02-08T18:07:00
organization	Certificate Organization Name	samsungSDS
private_key	Private key
state	Certificate State	VALID
user_name	User Name	2048

1.1.7 - Validate a certificate

1.1.7.1 - 1.1

scpcli certificatemanager certificate validate
--private_key <value>
--cert_body <value>
[--cert_chain <value>]

Description

Validate a Certificate

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
private_key required	string	Private key	`<encoded private key data>`
cert_body required	string	Certificate body	`<encoded certificate body data>`
cert_chain optional	string	Certificate chain	`<encoded certificate chain data>`

Responses

Name	Description	Example
validate_check

1.1.7.2 - 1.0

scpcli certificatemanager certificate validate
--private_key <value>
--is_need_cert_chain <value>
--cert_body <value>
[--cert_chain <value>]

Description

Validate a Certificate

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
private_key required	string	Private key	`<encoded private key data>`
is_need_cert_chain required	boolean	Is needed Certificate chain	`True`
cert_body required	string	Certificate body	`<encoded certificate body data>`
cert_chain optional	string	Certificate chain	`<encoded certificate chain data>`

Responses

Name	Description	Example
result	True, False Check	True

2 - Config Inspection

Overview

Provides a Command-line Interface (CLI) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Config Inspection and how to call CLI. The output is formatted as a JSON string

Version

Version	Status	Supported Until
1.0	SUPPORTED	20260531
1.1	CURRENT	-

2.1 - CLIs

2.1.1 - Create Config Inspection

2.1.1.1 - 1.1

scpcli configinspection ci create
--use_diagnosis_check_type_ssi <value>
--use_diagnosis_check_type_bp <value>
--frequency_value <value>
--frequency_type <value>
--diagnosis_start_time_pattern <value>
--auth_key_id <value>
--plan_type <value>
--diagnosis_type <value>
--diagnosis_name <value>
--diagnosis_id <value>
--diagnosis_check_type <value>
--diagnosis_account_id <value>
--csp_type <value>
--account_id <value>
[--tags <value>]
[--auth_key_created_at <value>]
[--auth_key_expired_at <value>]

Description

Create Diagnosis Object

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
use_diagnosis_check_type_ssi required	string	Checklist SSI usage	`y`
use_diagnosis_check_type_bp required	string	Checklist Best Practice Use	`y`
frequency_value required	string	Schedule value (01~31, MONDAY~SUNDAY, everyDay)	`1`
frequency_type required	string	Schedule type( monthly, weekly, daily)	`MONTH`
diagnosis_start_time_pattern required	string	Start time( 5-minute increments, 00 to 23 hours, 00 to 55 minutes )	`08:00`
auth_key_id required	string	Id of auth key	`9b72a9856e494e67afc69atd3631fe38`
plan_type required	string	plan Type	`STANDARD`
diagnosis_type required	string	diagnosis Type	`Console`
diagnosis_name required	string	Name of diagnosis	`Sample Diagnosis Name`
diagnosis_id required	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_check_type required	string	Check type of diagnosis	`BP`
diagnosis_account_id required	string	Id of diagnosis	`0e3dffc50eb247a1adf4f2e5c82c4f99`
csp_type required	string	Type of cloud service provider	`SCP`
account_id required	string	account Id	`0e3dffc50eb247a1adf4f2e5c82c4f99`
tags optional	array	Tag List	`'{"key": "", "value": ""}'`
auth_key_created_at optional	string	created date of authkey	`2022-01-01 12:00:00`
auth_key_expired_at optional	string	expired date of authkey	`2023-01-01 12:00:00`

Responses

Name	Description	Example
diagnosis_id	Id of diagnosis	Sample Diagnosis Name
result	True, False Check	True

2.1.1.2 - 1.0

scpcli configinspection ci create
--use_diagnosis_check_type_ssi <value>
--use_diagnosis_check_type_bp <value>
--frequency_value <value>
--frequency_type <value>
--diagnosis_start_time_pattern <value>
--auth_key_id <value>
--plan_type <value>
--diagnosis_type <value>
--diagnosis_name <value>
--diagnosis_id <value>
--diagnosis_check_type <value>
--diagnosis_account_id <value>
--csp_type <value>
--account_id <value>
[--tags <value>]
[--auth_key_created_at <value>]
[--auth_key_expired_at <value>]

Description

Create Diagnosis Object

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
use_diagnosis_check_type_ssi required	string	Checklist SSI usage	`y`
use_diagnosis_check_type_bp required	string	Checklist Best Practice Use	`y`
frequency_value required	string	Schedule value (01~31, MONDAY~SUNDAY, everyDay)	`1`
frequency_type required	string	Schedule type( monthly, weekly, daily)	`MONTH`
diagnosis_start_time_pattern required	string	Start time( 5-minute increments, 00 to 23 hours, 00 to 55 minutes )	`08:00`
auth_key_id required	string	Id of auth key	`9b72a9856e494e67afc69atd3631fe38`
plan_type required	string	plan Type	`STANDARD`
diagnosis_type required	string	diagnosis Type	`Console`
diagnosis_name required	string	Name of diagnosis	`Sample Diagnosis Name`
diagnosis_id required	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_check_type required	string	Check type of diagnosis	`BP`
diagnosis_account_id required	string	Id of diagnosis	`0e3dffc50eb247a1adf4f2e5c82c4f99`
csp_type required	string	Type of cloud service provider	`SCP`
account_id required	string	account Id	`0e3dffc50eb247a1adf4f2e5c82c4f99`
tags optional	array	Tag List	`'{"key": "", "value": ""}'`
auth_key_created_at optional	string	created date of authkey	`2022-01-01 12:00:00`
auth_key_expired_at optional	string	expired date of authkey	`2023-01-01 12:00:00`

Responses

Name	Description	Example
result	True, False Check	True

2.1.2 - Delete Config Inspection

2.1.2.1 - 1.1

scpcli configinspection ci delete
--diagnosis_id <value>

Description

Delete Config Inspection Product

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
diagnosis_id required	string	Id of diagnosis	`Sample Diagnosis Name`

2.1.2.2 - 1.0

scpcli configinspection ci delete
--diagnosis_id <value>

Description

Delete Config Inspection Product

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
diagnosis_id required	string	Id of diagnosis	`Sample Diagnosis Name`

2.1.3 - Diagnosis Request

2.1.3.1 - 1.1

scpcli configinspection ci diagnosis request
--tenant_id <value>
--secret_key <value>
--diagnosis_id <value>
--diagnosis_check_type <value>
--access_key <value>

Description

Request diagnosis

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
tenant_id required	string	Tenant ID	`1234567890`
secret_key required	string	Secret Key	`SAMPLE KEY`
diagnosis_id required	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_check_type required	string	Check type of diagnosis	`BP`
access_key required	string	Access Key	`SAMPLE KEY`

Responses

Name	Description	Example
result	True, False Check	True

2.1.3.2 - 1.0

scpcli configinspection ci diagnosis request
--tenant_id <value>
--secret_key <value>
--diagnosis_id <value>
--diagnosis_check_type <value>
--access_key <value>

Description

Request diagnosis

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
tenant_id required	string	Tenant ID	`1234567890`
secret_key required	string	Secret Key	`SAMPLE KEY`
diagnosis_id required	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_check_type required	string	Check type of diagnosis	`BP`
access_key required	string	Access Key	`SAMPLE KEY`

Responses

Name	Description	Example
result	True, False Check	True

2.1.4 - Get Diagnosis Object Detail

2.1.4.1 - 1.1

scpcli configinspection ci detail
--diagnosis_id <value>

Description

Get Diagnosis Object Detail

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
diagnosis_id required	string	Id of diagnosis	`Sample Diagnosis Name`

Responses

Name	Description	Example
auth_key_created_at	created date of authkey	2022-01-01T12:00:00Z
auth_key_expired_at	expired date of authkey	2022-01-01T12:00:00Z
auth_key_id	Id of auth key	9b72a9856e494e67afc69atd3631fe38
auth_key_state	state of auth key	ACTIVATED
user_id	user Id	4f5d60e9e08b48d0a0881e21ab14e266

2.1.4.2 - 1.0

scpcli configinspection ci detail
--diagnosis_id <value>

Description

Get Diagnosis Object Detail

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
diagnosis_id required	string	Id of diagnosis	`Sample Diagnosis Name`

Responses

Name	Description	Example
auth_key_created_at	created date of authkey	2022-01-01T12:00:00Z
auth_key_expired_at	expired date of authkey	2022-01-01T12:00:00Z
auth_key_id	Id of auth key	9b72a9856e494e67afc69atd3631fe38
auth_key_state	state of auth key	ACTIVATED
user_id	user Id	4f5d60e9e08b48d0a0881e21ab14e266

2.1.5 - Get Diagnosis Result Detail

2.1.5.1 - 1.1

scpcli configinspection ci result detail
--diagnosis_request_sequence <value>
--diagnosis_id <value>
[--with_count <value>]
[--limit <value>]
[--marker <value>]
[--sort <value>]

Description

get Diagnosis Result Detail

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
diagnosis_request_sequence required	string	Sequence of diagnosis request	`SCPCIS-E75FD21CA524441C9C1B1B381D5974F7`
diagnosis_id required	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
with_count optional	string	with count	`true`
limit optional	integer	limit	`20`
marker optional	string	marker	`607e0938521643b5b4b266f343fae693`
sort optional	string	sort	`created_at:desc`

Responses

Name	Description	Example
action_guide	measure guide description	원격 접속 Port에 Source IP가 ANY(0.0.0.0/0)로 등록되어있거나 과도하게 허용된 Security Group 규칙은 아래와 같이 삭제합니다.
changed	iS Change result manage	True
diagnosis_check_type	Check type of diagnosis	BP
diagnosis_criteria	decision standard description	【 Security Group 규칙 】
① 원격접속 Port에 Any IP 접근을 허용하는 규칙이 존재하지 않아야 합니다.
diagnosis_item	sub category description	2.NW_003. 프로토콜 별 원격접속 Port는 접근이 필요한 IP를 지정하여 접속을 허용해야 합니다.
diagnosis_layer	inspector item category description	2.NETWORK
diagnosis_method	inspector method description	Security Group의 Inbound 규칙에 원격 접속이 필요한 사용자나 시스템만 접근을 허용하는 규칙을 등록 하였는지 확인합니다.
diagnosis_result	verify result state	03
result_contents	result Contents	상세 내역
sub_category	Sub Category	NURIBP_SCP_02.NW_004

2.1.5.2 - 1.0

scpcli configinspection ci result detail
--diagnosis_request_sequence <value>
--diagnosis_id <value>
[--with_count <value>]
[--limit <value>]
[--marker <value>]
[--sort <value>]

Description

get Diagnosis Result Detail

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
diagnosis_request_sequence required	string	Sequence of diagnosis request	`SCPCIS-E75FD21CA524441C9C1B1B381D5974F7`
diagnosis_id required	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
with_count optional	string	with count	`true`
limit optional	integer	limit	`20`
marker optional	string	marker	`607e0938521643b5b4b266f343fae693`
sort optional	string	sort	`created_at:desc`

Responses

Name	Description	Example
action_guide	measure guide description	원격 접속 Port에 Source IP가 ANY(0.0.0.0/0)로 등록되어있거나 과도하게 허용된 Security Group 규칙은 아래와 같이 삭제합니다.
changed	iS Change result manage	True
diagnosis_check_type	Check type of diagnosis	BP
diagnosis_criteria	decision standard description	【 Security Group 규칙 】
① 원격접속 Port에 Any IP 접근을 허용하는 규칙이 존재하지 않아야 합니다.
diagnosis_item	sub category description	2.NW_003. 프로토콜 별 원격접속 Port는 접근이 필요한 IP를 지정하여 접속을 허용해야 합니다.
diagnosis_layer	inspector item category description	2.NETWORK
diagnosis_method	inspector method description	Security Group의 Inbound 규칙에 원격 접속이 필요한 사용자나 시스템만 접근을 허용하는 규칙을 등록 하였는지 확인합니다.
diagnosis_result	verify result state	03
result_contents	result Contents	상세 내역
sub_category	Sub Category	NURIBP_SCP_02.NW_004

2.1.6 - List Config Inspection

2.1.6.1 - 1.1

scpcli configinspection ci list
[--with_count <value>]
[--limit <value>]
[--marker <value>]
[--sort <value>]
[--ismine <value>]
[--diagnosis_id <value>]
[--diagnosis_name <value>]
[--csp_type <value>]
[--diagnosis_account_id <value>]
[--recent_diagnosis_state <value>]
[--start_date <value>]
[--end_date <value>]

Description

get config inspection list

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
with_count optional	string	with count	`true`
limit optional	integer	limit	`20`
marker optional	string	marker	`607e0938521643b5b4b266f343fae693`
sort optional	string	sort	`created_at:desc`
ismine optional	boolean	my Config Inspection	`False`
diagnosis_id optional	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_name optional	string	Name of diagnosis	`My Diagnosis`
csp_type optional	string	Type of cloud service provider	`SCP`
diagnosis_account_id optional	string	Id of diagnosis	`0e3dffc50eb247a1adf4f2e5c82c4f99`
recent_diagnosis_state optional	array	recent Diagnosis State	`C`
start_date optional	string	start Date	`2022-01-01 12:00:00`
end_date optional	string	end Date	`2022-01-02 12:00:00`

Responses

Name	Description	Example
created_at	Created date	2022-01-01T12:00:00Z
csp_type	Type of cloud service provider	SCP
diagnosis_account_id	Id of diagnosis	0e3dffc50eb247a1adf4f2e5c82c4f99
diagnosis_check_type	Check type of diagnosis	BP
diagnosis_id	Id of diagnosis	DIA-943731CB8E3045C289BAECAEC3532097
diagnosis_name	Name of diagnosis	Sample Diagnosis Name
diagnosis_type	diagnosis Type	Console
error_state	Error type of recent diagnosis	CONNECTION_FAIL
plan_type	plan Type	STANDARD
recent_diagnosis_at	recent Diagnosis Date	2022-01-01T12:00:00Z
recent_diagnosis_state	recent Diagnosis State	Completed

2.1.6.2 - 1.0

scpcli configinspection ci list
[--with_count <value>]
[--limit <value>]
[--marker <value>]
[--sort <value>]
[--ismine <value>]
[--diagnosis_id <value>]
[--diagnosis_name <value>]
[--csp_type <value>]
[--diagnosis_account_id <value>]
[--recent_diagnosis_state <value>]
[--start_date <value>]
[--end_date <value>]

Description

get config inspection list

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
with_count optional	string	with count	`true`
limit optional	integer	limit	`20`
marker optional	string	marker	`607e0938521643b5b4b266f343fae693`
sort optional	string	sort	`created_at:desc`
ismine optional	boolean	my Config Inspection	`False`
diagnosis_id optional	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_name optional	string	Name of diagnosis	`My Diagnosis`
csp_type optional	string	Type of cloud service provider	`SCP`
diagnosis_account_id optional	string	Id of diagnosis	`0e3dffc50eb247a1adf4f2e5c82c4f99`
recent_diagnosis_state optional	array	recent Diagnosis State	`C`
start_date optional	string	start Date	`2022-01-01 12:00:00`
end_date optional	string	end Date	`2022-01-02 12:00:00`

Responses

Name	Description	Example
created_at	Created date	2022-01-01T12:00:00Z
csp_type	Type of cloud service provider	SCP
diagnosis_account_id	Id of diagnosis	0e3dffc50eb247a1adf4f2e5c82c4f99
diagnosis_check_type	Check type of diagnosis	BP
diagnosis_id	Id of diagnosis	DIA-943731CB8E3045C289BAECAEC3532097
diagnosis_name	Name of diagnosis	Sample Diagnosis Name
diagnosis_type	diagnosis Type	Console
error_state	Error type of recent diagnosis	CONNECTION_FAIL
plan_type	plan Type	STANDARD
recent_diagnosis_at	recent Diagnosis Date	2022-01-01T12:00:00Z
recent_diagnosis_state	recent Diagnosis State	Completed

2.1.7 - List Diagnosis Result

2.1.7.1 - 1.1

scpcli configinspection ci result list
[--with_count <value>]
[--limit <value>]
[--marker <value>]
[--sort <value>]
[--account_id <value>]
[--diagnosis_id <value>]
[--diagnosis_name <value>]
[--start_date <value>]
[--end_date <value>]
[--csp_type <value>]
[--diagnosis_state <value>]
[--user_id <value>]

Description

get Diagnosis Result List

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
with_count optional	string	with count	`true`
limit optional	integer	limit	`20`
marker optional	string	marker	`607e0938521643b5b4b266f343fae693`
sort optional	string	sort	`created_at:desc`
account_id optional	string	account Id	`0e3dffc50eb247a1adf4f2e5c82c4f99`
diagnosis_id optional	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_name optional	string	Name of diagnosis	`Sample Diagnosis Name`
start_date optional	string	start Date	`2022-01-01`
end_date optional	string	end Date	`2022-12-31`
csp_type optional	string	Type of cloud service provider	`SCP`
diagnosis_state optional	string	Status of diagnosis	`Completed`
user_id optional	string	user Id	`76b563a009584b1380715c00703a02ff`

Responses

Name	Description	Example
count_check	check count	10
count_error	error count	0
count_fail	fail count	3
count_na	na count	2
count_pass	pass count	5
csp_type	Type of cloud service provider	SCP
diagnosis_account_id	Id of diagnosis	0e3dffc50eb247a1adf4f2e5c82c4f99
diagnosis_check_type	Check type of diagnosis	BP
diagnosis_id	Id of diagnosis	DIA-943731CB8E3045C289BAECAEC3532097
diagnosis_name	Name of diagnosis	Sample Diagnosis Name
diagnosis_request_sequence	Sequence of diagnosis request	1234567890
diagnosis_result	diagnosis Result	SUCCESS
diagnosis_total_count	diagnosis Total Count	10
proceed_date	proceed Date	2022-01-01T12:00:00Z
total	total count	10

2.1.7.2 - 1.0

scpcli configinspection ci result list
[--with_count <value>]
[--limit <value>]
[--marker <value>]
[--sort <value>]
[--account_id <value>]
[--diagnosis_id <value>]
[--diagnosis_name <value>]
[--start_date <value>]
[--end_date <value>]
[--csp_type <value>]
[--diagnosis_state <value>]
[--user_id <value>]

Description

get Diagnosis Result List

State ACTIVE (SUPPORTED)

Version	Supported Until
1.0	20260531

Parameters

Name	Type	Description	Example
with_count optional	string	with count	`true`
limit optional	integer	limit	`20`
marker optional	string	marker	`607e0938521643b5b4b266f343fae693`
sort optional	string	sort	`created_at:desc`
account_id optional	string	account Id	`0e3dffc50eb247a1adf4f2e5c82c4f99`
diagnosis_id optional	string	Id of diagnosis	`DIA-943731CB8E3045C289BAECAEC3532097`
diagnosis_name optional	string	Name of diagnosis	`Sample Diagnosis Name`
start_date optional	string	start Date	`2022-01-01`
end_date optional	string	end Date	`2022-12-31`
csp_type optional	string	Type of cloud service provider	`SCP`
diagnosis_state optional	string	Status of diagnosis	`Completed`
user_id optional	string	user Id	`76b563a009584b1380715c00703a02ff`

Responses

Name	Description	Example
count_check	check count	10
count_error	error count	0
count_fail	fail count	3
count_na	na count	2
count_pass	pass count	5
csp_type	Type of cloud service provider	SCP
diagnosis_account_id	Id of diagnosis	0e3dffc50eb247a1adf4f2e5c82c4f99
diagnosis_check_type	Check type of diagnosis	BP
diagnosis_id	Id of diagnosis	DIA-943731CB8E3045C289BAECAEC3532097
diagnosis_name	Name of diagnosis	Sample Diagnosis Name
diagnosis_request_sequence	Sequence of diagnosis request	1234567890
diagnosis_result	diagnosis Result	SUCCESS
diagnosis_total_count	diagnosis Total Count	10
proceed_date	proceed Date	2022-01-01T12:00:00Z
total	total count	10

3 - Key Management Service

Overview

Provides a Command-line Interface (CLI) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Key Management Service(KMS) and how to call CLI. The output is formatted as a JSON string

Version

Version	Status	Supported Until
1.0	DEPRECATED	20251231
1.1	CURRENT	-

3.1 - CLIs

3.1.1 - Change Rotate Info

3.1.1.1 - 1.1

scpcli kms kms change rotate info
--key_id <value>
--rotate_cycle <value>
--auto_rotate <value>

Description

Change rotate info.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
rotate_cycle required	integer	Rotation cycle	`7`
auto_rotate required	string	Auto rotate Y or N	`Y`

3.1.1.2 - 1.0

scpcli kms kms change rotate info
--key_id <value>
--rotate_cycle <value>
--auto_rotate <value>

Description

Change rotate info.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
rotate_cycle required	integer	Rotation cycle	`7`
auto_rotate required	string	Auto rotate Y or N	`Y`

3.1.2 - Change State Of Key

3.1.2.1 - 1.1

scpcli kms kms change state
--key_id <value>
--state <value>

Description

Change state of key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
state required	string	State of key(Active, Stop)	`Active`

3.1.2.2 - 1.0

scpcli kms kms change state
--key_id <value>
--state <value>

Description

Change state of key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
state required	string	State of key(Active, Stop)	`Active`

3.1.3 - Check Duplicate Name

3.1.3.1 - 1.1

scpcli kms kms check duplicate name
--name <value>

Description

Check duplication of key name.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
name required	string	Name of key	`testkey`

Responses

Name	Description	Example
isDuplicateName		True

3.1.3.2 - 1.0

scpcli kms kms check duplicate name
--name <value>

Description

Check duplication of key name.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
name required	string	Name of key	`testkey`

Responses

Name	Description	Example
isDuplicateName		True

3.1.4 - Create Datakey

3.1.4.1 - 1.1

scpcli kms kms datakey
--key_id <value>
--key_type <value>

Description

Generates a new key and the value encrypted with key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
key_type required	string	Key type( plaintext or wrapped )	`plaintext`

Responses

Name	Description	Example
ciphertext	Encrypted data key	vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK
key_version	Version of KMS key	1
plaintext	Data key(base64 encoded)	oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA=

3.1.4.2 - 1.0

scpcli kms kms datakey
--key_id <value>
--key_type <value>

Description

Generates a new key and the value encrypted with key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
key_type required	string	Key type( plaintext or wrapped )	`plaintext`

Responses

Name	Description	Example
ciphertext	Encrypted data key	vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK
key_version	Version of KMS key	1
plaintext	Data key(base64 encoded)	oTvvEkE7q0WM2S5yfGFz5nqe32QMlrCVnqssmDPu6fA=

3.1.5 - Create Key

3.1.5.1 - 1.1

scpcli kms kms create
--rotate_cycle <value>
--purpose <value>
--name <value>
--description <value>
--auto_rotate <value>
[--key_type <value>]
[--tags <value>]

Description

Create key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
rotate_cycle required	integer	Rotation cycle	`7`
purpose required	string	Purpose of key	`rsa-2048`
name required	string	Name of key	`testkey`
description required	string	Description of Key	`description1`
auto_rotate required	string	Auto rotate Y or N	`Y`
key_type optional	string	basic or advanced	`advanced`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.5.2 - 1.0

scpcli kms kms create
--rotate_cycle <value>
--purpose <value>
--name <value>
--description <value>
--auto_rotate <value>
[--key_type <value>]
[--tags <value>]

Description

Create key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
rotate_cycle required	integer	Rotation cycle	`7`
purpose required	string	Purpose of key	`rsa-2048`
name required	string	Name of key	`testkey`
description required	string	Description of Key	`description1`
auto_rotate required	string	Auto rotate Y or N	`Y`
key_type optional	string	basic or advanced	`advanced`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.6 - Decrypt Data

3.1.6.1 - 1.1

scpcli kms kms decrypt
--key_id <value>
--ciphertext <value>

Description

Decrypts the provided ciphertext using key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
ciphertext required	string	Encrypted data by KMS	`vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`

Responses

Name	Description	Example
plaintext	Decrypted data(base64 encoded)	dGhlIHF1aWNrIGJyb3duIGZveAo=

3.1.6.2 - 1.0

scpcli kms kms decrypt
--key_id <value>
--ciphertext <value>

Description

Decrypts the provided ciphertext using key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
ciphertext required	string	Encrypted data by KMS	`vault:v283:YiUpW1bpF2fMY0VR332Qpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`

Responses

Name	Description	Example
plaintext	Decrypted data(base64 encoded)	dGhlIHF1aWNrIGJyb3duIGZveAo=

3.1.7 - Delete Key

3.1.7.1 - 1.1

scpcli kms kms delete
--key_id <value>
[--is_directly <value>]

Description

Delete a key now or later.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
is_directly optional	boolean	Delete immediately	`True`

3.1.7.2 - 1.0

scpcli kms kms delete
--key_id <value>
[--is_directly <value>]

Description

Delete a key now or later.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
is_directly optional	boolean	Delete immediately	`True`

3.1.8 - Encrypt Data

3.1.8.1 - 1.1

scpcli kms kms encrypt
--key_id <value>
--plaintext <value>

Description

Encrypts the provided plaintext(base64 encoded) using key(Purpose: encryption/decryption)

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
plaintext required	string	Data(base64 encoded) to encrypt	`dGhlIHF1aWNrIGJyb3duIGZveAo=`

Responses

Name	Description	Example
ciphertext	Encrypted data by KMS	vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK
key_version	Version of KMS key	1

3.1.8.2 - 1.0

scpcli kms kms encrypt
--key_id <value>
--plaintext <value>

Description

Encrypts the provided plaintext(base64 encoded) using key(Purpose: encryption/decryption)

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
plaintext required	string	Data(base64 encoded) to encrypt	`dGhlIHF1aWNrIGJyb3duIGZveAo=`

Responses

Name	Description	Example
ciphertext	Encrypted data by KMS	vault:v283:YiUpW1bpF2fMY0VRh3aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK
key_version	Version of KMS key	1

3.1.9 - List Keys

3.1.9.1 - 1.1

scpcli kms kms list
[--size <value>]
[--page <value>]
[--sort <value>]
[--name <value>]

Description

List keys.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
size optional	integer	size	`20`
page optional	integer	page	`0`
sort optional	string	sort	`created_at:desc`
name optional	string	Name of key	`testkey`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.9.2 - 1.0

scpcli kms kms list
[--size <value>]
[--page <value>]
[--sort <value>]
[--name <value>]

Description

List keys.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
size optional	integer	size	`20`
page optional	integer	page	`0`
sort optional	string	sort	`created_at:desc`
name optional	string	Name of key	`testkey`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.10 - List Users

3.1.10.1 - 1.1

scpcli kms kms list users
--key_id <value>

Description

Get List of users who use key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`

Responses

Name	Description	Example
user_id	User ID	138c2fc8c29a449dbfa8681f8f1d78e2
user_name	User Name	kimsamsung

3.1.10.2 - 1.0

scpcli kms kms list users
--key_id <value>

Description

Get List of users who use key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`

Responses

Name	Description	Example
user_id	User ID	138c2fc8c29a449dbfa8681f8f1d78e2
user_name	User Name	kimsamsung

3.1.11 - Make hmac

3.1.11.1 - 1.1

scpcli kms kms generate hmac
--key_id <value>
--input <value>

Description

Generates a HMAC using key(Purpose: create/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
input required	string	Data(base64 encoded) for verification	`dGVzdCBpbnB1dA==`

Responses

Name	Description	Example
hmac	HMAC data	vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ=

3.1.11.2 - 1.0

scpcli kms kms generate hmac
--key_id <value>
--input <value>

Description

Generates a HMAC using key(Purpose: create/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
input required	string	Data(base64 encoded) for verification	`dGVzdCBpbnB1dA==`

Responses

Name	Description	Example
hmac	HMAC data	vault:v1:/IHSD+Rg9BHNkmIiEunAPVj6IVaJqkjSO4GGvALHcVQ=

3.1.12 - Rewrap Data

3.1.12.1 - 1.1

scpcli kms kms rewrap
--key_id <value>
--ciphertext <value>

Description

Rewraps the provided ciphertext using the latest version of key(Purpose: encryption/decryption).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
ciphertext required	string	Encrypted data by KMS	`vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`

Responses

Name	Description	Example
ciphertext	Rewrapped data by KMS	vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK
key_version	Version of KMS key	1

3.1.12.2 - 1.0

scpcli kms kms rewrap
--key_id <value>
--ciphertext <value>

Description

Rewraps the provided ciphertext using the latest version of key(Purpose: encryption/decryption).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
ciphertext required	string	Encrypted data by KMS	`vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK`

Responses

Name	Description	Example
ciphertext	Rewrapped data by KMS	vault:v283:YiUpW1bpF2fMY0VR33aQpik781Ul2gFPsfdwsypwouccHtPSfRaE40wTHHl4a5AK
key_version	Version of KMS key	1

3.1.13 - Rotate Key

3.1.13.1 - 1.1

scpcli kms kms rotate
--key_id <value>

Description

Rotate key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.13.2 - 1.0

scpcli kms kms rotate
--key_id <value>

Description

Rotate key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.14 - Show Key

3.1.14.1 - 1.1

scpcli kms kms show
--key_id <value>

Description

Show key.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.14.2 - 1.0

scpcli kms kms show
--key_id <value>

Description

Show key.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
auto_rotate	Auto rotate Y or N	Y
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
current_version	Current version of KMS key	7
delete_at	Date of deletion	20251008
delete_target_yn	DeleteTargetYn of Key	Y
description	Description of Key	description1
key_type	basic or advanced	advanced
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	testkey
next_rotate_at	Date of next rotate	20241008
order_ref	Reference of order	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
purpose	Purpose of key	rsa-2048
region	Name of region	kr-west1
rotate_cycle	Rotation cycle	7
secret_ref	Reference of secret	0e1bfdf8-a7da-43d3-8e8c-c9f34024ba01
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
use_count	Use count of KMS key	1004

3.1.15 - Sign Data

3.1.15.1 - 1.1

scpcli kms kms sign
--key_id <value>
--input <value>

Description

Returns the cryptographic signature of the given data using key(Purpose: signature/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
input required	string	Data(base64 encoded) for Signature	`dGVzdCBpbnB1dA==`

Responses

Name	Description	Example
key_version	Version of KMS key	1
signature	Signature data	vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=

3.1.15.2 - 1.0

scpcli kms kms sign
--key_id <value>
--input <value>

Description

Returns the cryptographic signature of the given data using key(Purpose: signature/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
input required	string	Data(base64 encoded) for Signature	`dGVzdCBpbnB1dA==`

Responses

Name	Description	Example
key_version	Version of KMS key	1
signature	Signature data	vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=

3.1.16 - Update Description

3.1.16.1 - 1.1

scpcli kms kms update description
--key_id <value>
--description <value>

Description

Update description.

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
description required	string	Description of Key	-

3.1.16.2 - 1.0

scpcli kms kms update description
--key_id <value>
--description <value>

Description

Update description.

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
description required	string	Description of Key	-

3.1.17 - Verify Data

3.1.17.1 - 1.1

scpcli kms kms verify
--key_id <value>
--signature <value>
--input <value>

Description

Returns whether the provided signature is valid for the given data from either the sign data using key(Purpose: signature/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
signature required	string	Signature data	`vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`
input required	string	Data(base64 encoded) for verification	`dGVzdCBpbnB1dA==`

Responses

Name	Description	Example
valid	Verify result	True

3.1.17.2 - 1.0

scpcli kms kms verify
--key_id <value>
--signature <value>
--input <value>

Description

Returns whether the provided signature is valid for the given data from either the sign data using key(Purpose: signature/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
signature required	string	Signature data	`vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`
input required	string	Data(base64 encoded) for verification	`dGVzdCBpbnB1dA==`

Responses

Name	Description	Example
valid	Verify result	True

3.1.18 - Verify hmac with input

3.1.18.1 - 1.1

scpcli kms kms verify hmac
--key_id <value>
--input <value>
--hmac <value>

Description

Returns whether the INPUT value is VALID or not using key(Purpose: create/verification).

State ACTIVE (CURRENT)

Version	Supported Until
1.1	-

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
input required	string	Data(base64 encoded) for verification	`dGVzdCBpbnB1dA==`
hmac required	string	Signature data	`vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`

Responses

Name	Description	Example
valid	Verify result	True

3.1.18.2 - 1.0

scpcli kms kms verify hmac
--key_id <value>
--input <value>
--hmac <value>

Description

Returns whether the INPUT value is VALID or not using key(Purpose: create/verification).

State ACTIVE (DEPRECATED)

Version	Supported Until
1.0	20251231

Parameters

Name	Type	Description	Example
key_id required	string	Resource id of KMS key	`138c2fc8c29a449dbfa8681f8f1d78e2`
input required	string	Data(base64 encoded) for verification	`dGVzdCBpbnB1dA==`
hmac required	string	Signature data	`vault:v142:MEUCIQDt+iM27ZENLTxFCKH2krlvn2xRRuoqt8aU+xP/RYEJpgIgN6V6QjhpK4dA/vwgX95UW140ge167ECnLjccXDPbZAg=`

Responses

Name	Description	Example
valid	Verify result	True

4 - Secret Vault

Overview

Provides a Command-line Interface (CLI) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Secret Vault and how to call CLI. The output is formatted as a JSON string

Version

Version	Status	Supported Until
1.0	CURRENT	-

4.1 - CLIs

4.1.1 - Create Secret Vault

4.1.1.1 - 1.0

scpcli secretvault sv create
--vault_token_ttl_ndays <value>
--temporary_key_ttl_nhours <value>
--name <value>
--acl_cidr <value>
--access_key_id <value>
[--description <value>]
[--tags <value>]

Description

Create Secret Vault.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
vault_token_ttl_ndays required	integer	TTL of vault token	`720`
temporary_key_ttl_nhours required	integer	Temporary key valid hours	`3`
name required	string	Secret Vault Id	`name`
acl_cidr required	string	Access control list in CIDR	`192.168.1.1/24, 10.0.0.1/16`
access_key_id required	string	Id of access key	`b754b12b39da4ce29a40c5e324650bd0`
description optional	string	Description	`description`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
access_key_id	Id of access key	0e3dffc50eb247a1adf4f2e5c82c4f99
access_key_type	Type of access key	Temporary
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
acl_cidr	Access control list in CIDR	192.168.1.1/24, 10.0.0.1/16
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
delete_at	Date of deletion	2025-02-25 03:07:17.000
description	Description	description
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	vaultkey
temporary_key_ttl_nhours	Temporary key valid hours	36
user_name	User name	username
vault_token_expired_at	Vault Token expired date	2025-02-25 03:07:17.000
vault_token_id	Id of vault token	aace85da-965e-d95a-b4ed-8d32b5d6079
vault_token_secret_value	Secret of vault token	6171392c-5fd9-43db-9e15-e14af0068f96
vault_token_ttl_ndays	TTL of vault token	10
vaultkey_state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
vaultkey_type	Type of vault key	SCP Open API Key
waiting_time_ndays	Days remaining until deletion	10

4.1.2 - Delete Secret Vault

4.1.2.1 - 1.0

scpcli secretvault sv delete
--secret_vault_id <value>
--waiting_time_ndays <value>

Description

Change Secret Vault state to ‘To be terminated’.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_vault_id required	string	Secret Vault Id	`3265ab469f0d406d83073da3e11e7a6c`
waiting_time_ndays required	integer	Days remaining until deletion	`7`

4.1.3 - List Secret Vaults

4.1.3.1 - 1.0

scpcli secretvault sv list

Description

List Secret Vaults.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
access_key_id	Id of access key	0e3dffc50eb247a1adf4f2e5c82c4f99
access_key_type	Type of access key	Temporary
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
acl_cidr	Access control list in CIDR	192.168.1.1/24, 10.0.0.1/16
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
delete_at	Date of deletion	2025-02-25 03:07:17.000
description	Description	description
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	vaultkey
temporary_key_ttl_nhours	Temporary key valid hours	36
user_name	User name	username
vault_token_expired_at	Vault Token expired date	2025-02-25 03:07:17.000
vault_token_id	Id of vault token	[AES] SZtB6RasvLypCv4soJlQO3ZmYpUPjFblz7pstjBeTQJXcz/d5KB9TUR3gMY08mga4fxWaF6IfUzTMBh6j/CAaw==
vault_token_secret_value	Secret of vault token	[AES] 91/kdnK4NDfs2HGWgNH/EYNnqD7OcM1unXWs0ZAuaFttIqgP8xMUx0dOaRfD6kOD7uuujFxF2nzx35D9Gz9nwQ==
vault_token_ttl_ndays	TTL of vault token	10
vaultkey_state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
vaultkey_type	Type of vault key	SCP Open API Key
waiting_time_ndays	Days remaining until deletion	10

4.1.4 - Show Secret Vault

4.1.4.1 - 1.0

scpcli secretvault sv show
--secret_vault_id <value>

Description

Show Secret Vault.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_vault_id required	string	Secret Vault Id	`3265ab469f0d406d83073da3e11e7a6c`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
access_key	Access key	[‘0e3*****************************’]
access_key_id	Id of access key	0e3dffc50eb247a1adf4f2e5c82c4f99
access_key_type	Type of access key	[‘Temporary’, ‘Permanent’]
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
acl_cidr	Access control list in CIDR	192.168.1.1/24, 10.0.0.1/16
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
delete_at	Date of deletion	2025-02-25 03:07:17.000
description	Description of Key	description
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	[‘vaultkey’]
temp_key_expired_at	Temporary key expired date	2025-02-25 03:07:17.000
temporary_key_ttl_nhours	Temporary key valid hours	[‘36’]
vault_token_expired_at	Vault Token expired date	2025-02-25 03:07:17.000
vault_token_id	Id of vault token	aace85da-965e-d95a-b4ed-8d32b5d6079
vault_token_secret_value	Secret of vault token	6171392c-5fd9-43db-9e15-e14af0068f96
vault_token_ttl_ndays	TTL of vault token	[‘10’]
vaultkey_state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
vaultkey_type	Type of vault key	[‘SCP Open API Key’]
waiting_time_ndays	Days remaining until deletion	10

5 - Secrets Manager

Overview

Provides a Command-line Interface (CLI) that supports programmatic use of IaaS/PaaS products provided by SCP.

This guide provides a brief description of Secrets Manager and how to call CLI. The output is formatted as a JSON string

Version

Version	Status	Supported Until
1.0	CURRENT	-

5.1 - CLIs

5.1.1 - Create Secret

5.1.1.1 - 1.0

scpcli secretsmanager secret create
--secret_value <value>
--name <value>
--kms_id <value>
--acl_cidr <value>
[--description <value>]
[--tags <value>]

Description

Create secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_value required	string	The value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs.	`{"key1":"value1","key2":"value2"}`
name required	string	Secret Name	`name`
kms_id required	string	Resource ID created in the Key Management Service (KMS) product	`3265ab469f0d406d83073da3e11e7a6c`
acl_cidr required	string	Access control list of secret in CIDR	`192.168.1.1/24, 10.0.0.1/16`
description optional	string	Description of secret	`description`
tags optional	array	Tag List'	`'{"key": "", "value": ""}'`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
acl_cidr	Access control list of secret in CIDR	192.168.1.1/24, 10.0.0.1/16
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
deleted_at	Date of deletion	2025-02-25 03:07:17.000
description	Description of secret	description
kms_id	Resource ID created in the Key Management Service (KMS) product	3265ab469f0d406d83073da3e11e7a6c
kms_name	Resource name of KMS key	kmsname
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	my-secret-name
recent_searched_at	Date of recent search	2025-02-25 03:07:17.000
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
type	Type of secret	General

5.1.2 - Delete Secret

5.1.2.1 - 1.0

scpcli secretsmanager secret delete
--secret_id <value>
--waiting_time_ndays <value>

Description

Delete secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`
waiting_time_ndays required	integer	Days remaining until deletion	`7`

5.1.3 - Generate Random Password

5.1.3.1 - 1.0

scpcli secretsmanager generate random password
[--exclude_characters <value>]
[--exclude_lowercase <value>]
[--exclude_numbers <value>]
[--exclude_punctuation <value>]
[--exclude_uppercase <value>]
[--include_space <value>]
[--password_length <value>]
[--require_each_included_type <value>]

Description

Generate random password.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
exclude_characters optional	string	Characters to exclude when generating password	`abcdefg`
exclude_lowercase optional	boolean	Option to exclude lowercase letters	`false`
exclude_numbers optional	boolean	Option to exclude numbers	`false`
exclude_punctuation optional	boolean	Option to exclude punctuation	`false`
exclude_uppercase optional	boolean	Option to exclude uppercase letters	`false`
include_space optional	boolean	Option to include spaces	`false`
password_length optional	integer	Length of the password to generate	`32`
require_each_included_type optional	boolean	Require all included character types	`true`

Responses

Name	Description	Example
random_password	Generate random password.	random-value

5.1.4 - List Secrets

5.1.4.1 - 1.0

scpcli secretsmanager secret list
[--size <value>]
[--page <value>]
[--sort <value>]
[--name <value>]
[--state <value>]

Description

List secrets.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
size optional	integer	size	`20`
page optional	integer	page	`0`
sort optional	string	sort	`created_at:desc`
name optional	string	Secret Name	`name`
state optional	array	Secret State	`A`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
acl_cidr	Access control list of secret in CIDR	192.168.1.1/24, 10.0.0.1/16
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
deleted_at	Date of deletion	2025-02-25 03:07:17.000
description	Description of secret	description
kms_id	Resource ID created in the Key Management Service (KMS) product	3265ab469f0d406d83073da3e11e7a6c
kms_name	Resource name of KMS key	kmsname
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	my-secret-name
recent_searched_at	Date of recent search	2025-02-25 03:07:17.000
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
type	Type of secret	General

5.1.5 - List Versions of Secret

5.1.5.1 - 1.0

scpcli secretsmanager secret list version
--secret_id <value>

Description

List versions of secrets.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`

Responses

Name	Description	Example
version_list

5.1.6 - Restore Secret

5.1.6.1 - 1.0

scpcli secretsmanager secret restore
--secret_id <value>

Description

Cancel process of deleting secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`

5.1.7 - Set CIDR of Secret

5.1.7.1 - 1.0

scpcli secretsmanager secret set cidr
--secret_id <value>
--acl_cidr <value>

Description

Edit the IP CIDR value for access control when retrieving the value of a Secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`
acl_cidr required	string	Access control list of secret in CIDR	`192.168.1.1/24, 10.0.0.1/16`

5.1.8 - Set Description of Secret

5.1.8.1 - 1.0

scpcli secretsmanager secret set description
--secret_id <value>
--description <value>

Description

Set description of secret.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`
description required	string	Description of secret	`description`

5.1.9 - Set KMS ID of Secret

5.1.9.1 - 1.0

scpcli secretsmanager secret set kmsid
--secret_id <value>
--kms_id <value>

Description

Modify the KMS ID used to encrypt the secret value.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`
kms_id required	string	Resource ID created in the Key Management Service (KMS) product	`3265ab469f0d406d83073da3e11e7a6c`

5.1.10 - Set Label of Version

5.1.10.1 - 1.0

scpcli secretsmanager secret update label
--secret_id <value>
--label <value>
[--move_to_version_id <value>]
[--remove_from_version_id <value>]

Description

Labels are added, moved, or removed from a version. If only the move_to_version_id value is used, the label is added. If only the remove_from_version_id value is used, the label is removed. If both values are used, the label is moved from remove_from_version_id to move_to_version_id.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`
label required	string	Label of secret version. Not allow duplication.	`My Custom Label`
move_to_version_id optional	string	Secret Version ID	`3265ab469f0d406d83073da3e11e7a6c`
remove_from_version_id optional	string	Secret Version ID	`3265ab469f0d406d83073da3e11e7a6c`

5.1.11 - Show Secret Detail

5.1.11.1 - 1.0

scpcli secretsmanager secret show
--secret_id <value>

Description

Show secret detail.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`

Responses

Name	Description	Example
id	ID	0fdd87aab8cb46f59b7c1f81ed03fb3e
account_id	Account ID	3265ab469f0d406d83073da3e11e7a6c
acl_cidr	Access control list of secret in CIDR	192.168.1.1/24, 10.0.0.1/16
created_at	Created At	2024-05-17T00:23:17Z
created_by	Created By	90dddfc2b1e04edba54ba2b41539a9ac
deleted_at	Date of deletion	2025-02-25 03:07:17.000
description	Description of secret	description
kms_id	Resource ID created in the Key Management Service (KMS) product	3265ab469f0d406d83073da3e11e7a6c
kms_name	Resource name of KMS key	kmsname
modified_at	Modified At	2024-05-17T00:23:17Z
modified_by	Modified By	90dddfc2b1e04edba54ba2b41539a9ac
name	Name of key	my-secret-name
recent_searched_at	Date of recent search	2025-02-25 03:07:17.000
state	State of key(Creating, Active, Error, Stop, To_Be_Terminated)	Active
type	Type of secret	General

5.1.12 - Show Secret Value

5.1.12.1 - 1.0

scpcli secretsmanager secret show value
--secret_id <value>
[--label <value>]
[--version_id <value>]

Description

Show secret value.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`
label optional	string	Label of secret version. Not allow duplication.	`CURRENT`
version_id optional	string	Secret Version ID	`e7b638507d9f4feeb6032a22b7640bf7`

Responses

Name	Description	Example
secret_value	The value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs.	{“key1”:“value1”,“key2”:“value2”}

5.1.13 - Update Secret Value

5.1.13.1 - 1.0

scpcli secretsmanager secret update value
--secret_id <value>
--secret_value <value>

Description

Update secret value.

State ACTIVE (CURRENT)

Version	Supported Until
1.0	-

Parameters

Name	Type	Description	Example
secret_id required	string	Secret ID	`3265ab469f0d406d83073da3e11e7a6c`
secret_value required	string	The value of a Secret can be entered as a JSON string in key/value format, up to 10 pairs.	`{"key1":"value1","key2":"value2"}`