edit-icon download-icon

CreateKey

Last Updated: Aug 08, 2018

Description

Creates a CMK in the caller’s account. You can use a CMK to encrypt small amounts of data (6 KB or less) directly, but CMKs are more commonly used to encrypt DataKey. For more information about Datakey, see GenerateDataKey.

Request parameters

Name Type Required Description
Origin String Yes The source of the CMK’s key material. We recommend that you are fully aware of how to ImportKeyMaterial before you select External.
Description String No The description of the CMK. Length Constraints: Minimum length of 0. Maximum length of 8192.
KeyUsage String No The intended use of the CMK. Default value: ENCRYPT/DECRYPT. You can use CMKs for encryption and decryption.

Response parameters

Name Type Description
KeyMetadata KeyMetadata Contains metadata about a CMK.

KeyMetadata

Name Type Description
CreationDate Timestamp The date and time when the CMK was created.
Description String The description of the CMK.
KeyId String The globally unique identifier for the CMK.
KeyState String The state of the CMK. For more information, see Impact of CMK states on API call.
KeyUsage String The cryptographic operations for which you can use the CMK.
DeleteDate Timestamp The date and time after which KMS deletes the CMK. This value is present only when KeyState is PendingDeletion, otherwise this value is omitted.
Creator String The creator of the CMK.
Arn String The Alibaba Cloud Resource Name (ARN) of the CMK. For more information, see Permissions.
Origin String The source of the CMK’s key material.
MaterialExpireTime String The date and time the key expires (UTC). If the value is omitted, the key does not expire.

Examples

Request example

  1. https://kms.cn-hangzhou.aliyuncs.com/?Action=CreateKey
  2. &Description=test
  3. &KeyUsage=ENCRYPT/DECRYPT
  4. &<Common Request Parameters>

Response example

JSON format

  1. //json response
  2. {
  3. "KeyMetadata": {
  4. "CreationDate": "2016-03-25T10:42:40Z",
  5. "Description": "key description example",
  6. "KeyId": "08c33a6f-4e0a-4a1b-a3fa-7ddfa1d4fb73",
  7. "KeyState": "Enabled",
  8. "KeyUsage": "ENCRYPT/DECRYPT",
  9. "DeleteDate": "",
  10. "Creator":"123456",
  11. "Arn":"acs:kms:cn-hangzhou:123456:key/08c33a6f-4e0a-4a1b-a3fa-7ddfa1d4fb73",
  12. "Origin":"Aliyun_KMS",
  13. "MaterialExpireTime":""
  14. },
  15. "RequestId": "3455b9b4-95c1-419d-b310-db6a53b09a39"
  16. }

XML format

  1. //xml response
  2. <KMS>
  3. <KeyMetadata>
  4. <CreationDate>2016-03-25T10:40:47Z</CreationDate>
  5. <Description>key description example</Description>
  6. <KeyId>08c33a6f-4e0a-4a1b-a3fa-7ddfa1d4fb73</KeyId>
  7. <KeyState>Enabled</KeyState>
  8. <KeyUsage>ENCRYPT/DECRYPT</KeyUsage>
  9. <DeleteDate></DeleteDate>
  10. <Creator>123456</Creator>
  11. <Arn>acs:kms:cn-hangzhou:123456:key/08c33a6f-4e0a-4a1b-a3fa-7ddfa1d4fb73</Arn>
  12. <Origin>Aliyun_KMS</Origin>
  13. <MaterialExpireTime></MaterialExpireTime>
  14. </KeyMetadata>
  15. <RequestId>6cb4bf6b-d9c9-4660-af5f-2328378e7257</RequestId>
  16. </KMS>
Thank you! We've received your feedback.