This topic describes how to use Key Management Service (KMS) to create a secret. KMS allows you to manage secrets in a centralized manner.


  1. Log on to the KMS console.
  2. In the top navigation bar, select the region where you want to create a secret.
  3. In the left-side navigation pane, click Secrets.
  4. Click Create Secret.
  5. In the Create Secret dialog box, configure parameters as prompted.
    Parameter Description
    Secret Name The name of the secret.
    Secret Value The value of the secret. Secrets Manager encrypts the secret value and stores it in the initial version.
    Secret InitVersion The number of the initial version. Version numbers are unique in each secret object.
    Encryption Master Key The customer master key (CMK) that is used for encryption. You can select a system-managed key or a custom key as the encryption CMK. The system-managed key is automatically distributed by Secrets Manager. The custom key is the CMK that you created in KMS.
    Secret Description The description of the secret.
  6. Click OK.
    After the secret is created, you can view detailed information such as the secret name, encryption key, and creation time.