SkillHub ClubRun DevOpsFull StackBackendSecurity

alicloud-security-kms

Manage Alibaba Cloud Key Management Service (KMS) via OpenAPI/SDK. Use whenever the user needs key lifecycle/resource operations, policy/configuration changes, status inspection, or troubleshooting KMS API workflows.

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars

3,108

Hot score

Updated

March 20, 2026

Overall rating

C0.0

Composite score

0.0

Best-practice grade

A92.0

Install command

npx @skill-hub/cli install openclaw-skills-alicloud-security-kms

Repository

openclaw/skills

Skill path: skills/cinience/alicloud-security-kms

Open repository

Best for

Primary workflow: Run DevOps.

Technical facets: Full Stack, Backend, Security.

Target audience: everyone.

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: openclaw.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

Install alicloud-security-kms into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
Review https://github.com/openclaw/skills before adding alicloud-security-kms to shared team environments
Use alicloud-security-kms for development workflows

Works across

Claude CodeCodex CLIGemini CLIOpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

Original source / Raw SKILL.md

---
name: alicloud-security-kms
description: Manage Alibaba Cloud Key Management Service (KMS) via OpenAPI/SDK. Use whenever the user needs key lifecycle/resource operations, policy/configuration changes, status inspection, or troubleshooting KMS API workflows.
version: 1.0.0
---

Category: service

# Key Management Service

## Validation

```bash
mkdir -p output/alicloud-security-kms
python -m py_compile skills/security/key-management/alicloud-security-kms/scripts/list_openapi_meta_apis.py && echo "py_compile_ok" > output/alicloud-security-kms/validate.txt
```

Pass criteria: command exits 0 and `output/alicloud-security-kms/validate.txt` is generated.

## Output And Evidence

- Save KMS API discovery outputs and operation results in `output/alicloud-security-kms/`.
- Keep at least one request parameter example per operation type.

Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for KeyManagementService.

## Workflow

1) Confirm region, resource identifiers, and desired action.
2) Discover API list and required parameters (see references).
3) Call API with SDK or OpenAPI Explorer.
4) Verify results with describe/list APIs.

## AccessKey priority (must follow)

1) Environment variables: `ALICLOUD_ACCESS_KEY_ID` / `ALICLOUD_ACCESS_KEY_SECRET` / `ALICLOUD_REGION_ID`
Region policy: `ALICLOUD_REGION_ID` is an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user.
2) Shared config file: `~/.alibabacloud/credentials`

## API discovery

- Product code: `Kms`
- Default API version: `2016-01-20`
- Use OpenAPI metadata endpoints to list APIs and get schemas (see references).

## High-frequency operation patterns

1) Inventory/list: prefer `List*` / `Describe*` APIs to get current resources.
2) Change/configure: prefer `Create*` / `Update*` / `Modify*` / `Set*` APIs for mutations.
3) Status/troubleshoot: prefer `Get*` / `Query*` / `Describe*Status` APIs for diagnosis.

## Minimal executable quickstart

Use metadata-first discovery before calling business APIs:

```bash
python scripts/list_openapi_meta_apis.py
```

Optional overrides:

```bash
python scripts/list_openapi_meta_apis.py --product-code <ProductCode> --version <Version>
```

The script writes API inventory artifacts under the skill output directory.

## Output policy

If you need to save responses or generated artifacts, write them under:
`output/alicloud-security-kms/`

## Prerequisites

- Configure least-privilege Alibaba Cloud credentials before execution.
- Prefer environment variables: `ALICLOUD_ACCESS_KEY_ID`, `ALICLOUD_ACCESS_KEY_SECRET`, optional `ALICLOUD_REGION_ID`.
- If region is unclear, ask the user before running mutating operations.

## References

- Sources: `references/sources.md`


---

## Referenced Files

> The following files are referenced in this skill and included for context.

### scripts/list_openapi_meta_apis.py

```python
#!/usr/bin/env python3
"""Fetch OpenAPI metadata API list for one product/version and save to output/.

Env:
- OPENAPI_META_TIMEOUT (seconds, default: 20)
"""

from __future__ import annotations

import argparse
import json
import os
import pathlib
import urllib.request

DEFAULT_PRODUCT_CODE = "Kms"
DEFAULT_VERSION = "2016-01-20"
OUTPUT_DIR = pathlib.Path("output/alicloud-security-kms")


def fetch_json(url: str, timeout: int) -> dict:
    req = urllib.request.Request(url, headers={"User-Agent": "codex-skill"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))


def main() -> None:
    parser = argparse.ArgumentParser()
    parser.add_argument("--product-code", default=DEFAULT_PRODUCT_CODE)
    parser.add_argument("--version", default=DEFAULT_VERSION)
    parser.add_argument("--output-dir", default=str(OUTPUT_DIR))
    args = parser.parse_args()

    timeout = int(os.getenv("OPENAPI_META_TIMEOUT", "20"))
    output_dir = pathlib.Path(args.output_dir)
    output_dir.mkdir(parents=True, exist_ok=True)

    url = (
        f"https://api.aliyun.com/meta/v1/products/{args.product_code}"
        f"/versions/{args.version}/api-docs.json"
    )
    payload = fetch_json(url, timeout)

    raw_apis = payload.get("apis", {})
    if isinstance(raw_apis, dict):
        api_names = sorted(raw_apis.keys())
    elif isinstance(raw_apis, list):
        names = []
        for item in raw_apis:
            if isinstance(item, dict):
                name = item.get("name") or item.get("apiName")
                if name:
                    names.append(name)
            elif isinstance(item, str):
                names.append(item)
        api_names = sorted(set(names))
    else:
        api_names = []

    json_file = output_dir / f"{args.product_code}_{args.version}_api_docs.json"
    md_file = output_dir / f"{args.product_code}_{args.version}_api_list.md"

    json_file.write_text(json.dumps(payload, ensure_ascii=False, indent=2), encoding="utf-8")
    md_lines = [
        f"# {args.product_code} {args.version} API List",
        "",
        f"- Source: {url}",
        f"- API count: {len(api_names)}",
        "",
    ]
    md_lines.extend([f"- `{name}`" for name in api_names])
    md_file.write_text("\n".join(md_lines) + "\n", encoding="utf-8")

    print(f"Saved: {json_file}")
    print(f"Saved: {md_file}")


if __name__ == "__main__":
    main()

```

### references/sources.md

```markdown
# Sources

- OpenAPI product page: `https://api.aliyun.com/product/Kms`
- API list (metadata): `https://api.aliyun.com/meta/v1/products/Kms/versions/2016-01-20/api-docs.json`
- API definition (single API): `https://api.aliyun.com/meta/v1/products/Kms/versions/2016-01-20/apis/{ApiName}/api.json`

```



---

## Skill Companion Files

> Additional files collected from the skill directory layout.

### _meta.json

```json
{
  "owner": "cinience",
  "slug": "alicloud-security-kms",
  "displayName": "Alicloud Security Kms",
  "latest": {
    "version": "1.0.3",
    "publishedAt": 1773222052685,
    "commit": "https://github.com/openclaw/skills/commit/6320bc7ce104c1ebed2d5cca02e7de855c231391"
  },
  "history": [
    {
      "version": "1.0.2",
      "publishedAt": 1770973241444,
      "commit": "https://github.com/openclaw/skills/commit/8396dbe13c7c3de1e6202c61f957c2664c19b9e1"
    },
    {
      "version": "1.0.1",
      "publishedAt": 1770768591464,
      "commit": "https://github.com/openclaw/skills/commit/2a32fc5513d3aeabc874c4aab31c80745cc8e132"
    }
  ]
}

```