edit-icon download-icon


Last Updated: Apr 02, 2018


Encrypts plaintext into ciphertext by using a CMK. The Encrypt operation has two primary use cases:

  • You can encrypt up to 4 KB of arbitrary data such as an RSA key, a database password, or other sensitive information.
  • To move encrypted data from one region to another, you can use this operation to encrypt in the new region the plaintext data key that was used to encrypt the data in the original region. This provides you with an encrypted copy of the data key that can be decrypted in the new region and used there to decrypt the encrypted data.

Request parameters

Name Type Required Description
KeyId String Yes Globally unique identifier of CMK. You can user aliases to call this API. For more information, see Alias Instructions.
Plaintext String Yes Data to be encrypted. The value is Base64-encoded.
EncryptionContext String to string map No Name-value pair that specifies the encryption context to be used for authenticated encryption. If used here, the same value must be supplied to the Decrypt API or decryption will fail. For more information, see EncryptionContext.

Response parameters

Name Type Description
KeyId String Globally unique identifier of CMK. If you use an alias in request, the CMK ID of the alias is returned.
CiphertextBlob String The encrypted data encryption key. The value is Base64-encoded.


Request example

  1. https://kms.cn-hangzhou.aliyuncs.com/?Action=Encrypt
  2. &KeyId=<cmkid or aliasname>
  3. &Plaintext=<data need encrypt>
  4. &EncryptionContext={"Example":"Example"}
  5. &<Common Request Parameters>

Response example

JSON format

  1. //json response
  2. {
  3. "KeyId": "5c438b18-05be-40ad-b6c2-3be6752cfa7e",
  4. "CiphertextBlob": "CiphertextBlob",
  5. "RequestId": "475f1620-b9d3-4d35-b5c6-3fbdd941423d"
  6. }

XML format

  1. //xml response
  2. <KMS>
  3. <KeyId>5c438b18-05be-40ad-b6c2-3be6752cfa7e</KeyId>
  4. <CiphertextBlob>CiphertextBlob</CiphertextBlob>
  5. <RequestId>475f1620-b9d3-4d35-b5c6-3fbdd941423d/RequestId>
  6. </KMS>
Thank you! We've received your feedback.