ImportKeyPair - Elastic Compute Service - Alibaba Cloud Documentation Center

Imports the public key of a Rivest–Shamir–Adleman (RSA)-encrypted key pair that is generated by a third-party tool. After the key pair is imported, Alibaba Cloud stores the public key. You must securely lock away the private key.

Operation description

Take note of the following items:

A maximum of 500 key pairs can be created in each region.
The key pair to be imported must support one of the following encryption methods:
- rsa
- dsa
- ssh-rsa
- ssh-dss
- ecdsa
- ssh-rsa-cert-v00@openssh.com
- ssh-dss-cert-v00@openssh.com
- ssh-rsa-cert-v01@openssh.com
- ssh-dss-cert-v01@openssh.com
- ecdsa-sha2-nistp256-cert-v01@openssh.com
- ecdsa-sha2-nistp384-cert-v01@openssh.com
- ecdsa-sha2-nistp521-cert-v01@openssh.com

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	Yes	The region ID. You can call the DescribeRegions operation to query the most recent region list.	cn-hangzhou
KeyPairName	string	Yes	The name of the key pair. The name must be unique. It must be 2 to 128 characters in length. It must start with a letter and cannot start with http:// or https://. It can contain letters, digits, colons (:), underscores (_), and hyphens (-).	testKeyPairName
PublicKeyBody	string	Yes	The public key of the key pair.	ABC1234567
ResourceGroupId	string	No	The ID of the enterprise resource group to which the SSH key pair belongs.	rg-bp67acfmxazb4p****
Tag	array<object>	No	The tags to add to the key pair.
	object	No	The tag to add to the key pair.
Key	string	No	The key of tag N to add to the key pair. Valid values of N: 1 to 20. The tag key cannot be an empty string. The tag key can be up to 128 characters in length and cannot contain http:// or https://. The tag key cannot start with acs: or aliyun.	TestKey
Value	string	No	The value of tag N to add to the key pair. Valid values of N: 1 to 20. The tag value can be an empty string. The tag value can be up to 128 characters in length and cannot contain http:// or https://. The tag value cannot start with acs:.	TestValue

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The request ID.	473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E
KeyPairName	string	The name of the key pair.	testKeyPairName
KeyPairFingerPrint	string	The fingerprint of the key pair. The MD5 message-digest algorithm is used based on the public key fingerprint format defined in RFC 4716.	89:f0:ba:62:ac:b8:aa:e1:61:5e:fd:81:69:86:6d:6b:f0:c0:5a:**

Examples

Sample success responses

JSONformat

{
  "RequestId": "473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E",
  "KeyPairName": "testKeyPairName",
  "KeyPairFingerPrint": "89:f0:ba:62:ac:b8:aa:e1:61:5e:fd:81:69:86:6d:6b:f0:c0:5a:**"
}

Error codes

HTTP status code	Error code	Error message	Description
400	InvalidKeyPairName.Malformed	Specified Key Pair name is not valid.	-
400	InvalidPublicKeyBody.Malformed	The PublicKeyBody format is not supported.	The public key format is not supported.
400	MissingParameter	The input parameter "PublicKeyBody" that is mandatory for processing this request is not supplied.	-
400	KeyPair.AlreadyExist	The key pair already exist.	A key pair with the same name already exists. Key pair names must be unique.
403	QuotaExceed.KeyPair	The key pair quota exceeds.	The maximum number of key pairs has been reached.
404	InvalidResourceGroup.NotFound	The ResourceGroup provided does not exist in our records.	The specified resource group does not exist.
500	InternalError	The request processing has failed due to some unknown error.	An internal error has occurred. Try again later.

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2023-07-17	The Error code has changed	View Change Details