Cloud-native API Gateway lets you create, store, and manage keys. All keys are centrally managed in Key Management Service (KMS) to ensure the secure storage and use of your credentials. This topic describes how to create a key in the Cloud-native API Gateway console.
Prerequisites
You have created a KMS instance. For more information, see Purchase and enable a KMS instance.
You have configured a KMS master key for encryption. For more information, see Manage keys.
Create a key
Log on to the Cloud-native API Gateway console.
In the navigation pane on the left, choose Keys.
In the upper-left corner of the page, click Create Key. On the Create Key page, configure the parameters for the key.
NoteIf the service-linked role is not granted, click Grant Authorization to grant the service-linked role
AliyunServiceRoleForNativeApiGwInvokeKMSto Cloud-native API Gateway. For more information, see Service-linked Role.Configuration Item
Description
Key Name
The name of the key.
NoteThe key name must be unique. It can contain letters, digits, and underscores (_). The name can be up to 64 characters in length.
Credential Source
KMS is selected by default.
KMS Instance
Specify the KMS instance to which the key belongs.
KMS Master Key
Select the master key in KMS that is used for encryption.
KMS Credential Value
The credential information that you want to encrypt and store. This information is synchronized to KMS and used as a credential resource.
Click OK to create the key.