Overview
The CreateKey API can be called to create a customer master key (CMK) used for DEK management. The CMK can be used in other APIs to create DEKs, perform encryption and decryption, and do more.
The Alias is a required parameter in this API operation. You can refer to the CreateKey API documentation to add additional descriptions to the CMK.
This example uses Tencent Cloud's Command Line Tool TCCLI. You can use any supported programming language for subsequent calls.
Sample
This example shows you how to create a key named
test-gz01 in Guangzhou region with the description this is test for gz key.Input
tccli kms CreateKey --region ap-guangzhou --Alias test-gz01 --Description 'this is test for gz key'
Output
After creation, the key will be enabled by default, with the key rotation feature disabled.
{"KeyId": "6xxxxxxx-xxxx-xxxx-xxxx-5xxxxxxxxc09","Description": "this is test for gz key","Alias": "test-gz01","KeyUsage": "ENCRYPT_DECRYPT","RequestId": "994bbd90-7c8e-4522-85f2-c712da23f863","KeyState": "Enabled","CreateTime": 1571903621}