Scenario
You can create a CMK in the Tencent Cloud KMS Console or by using the CreateKey API. Once created, you can enable, disable, rotate, and manage permissions for the CMK. This document describes how to create a CMK through the console.
Instructions
1. Log in to the Key Management System (Compliance) console.
2. Select the region where you want to create the key, and click Create.
3. In the pop-up configuration box, enter the following information:
Key Name: This is required and must be unique within the region. It can contain letters, numbers,
_, -, and cannot begin with "KMS-".Description: Optional, used to describe the type of data you plan to protect or the application intended to be used in conjunction with the CMK.
Tags: Optional, Tags are resource management tools provided by Tencent Cloud, allowing users to categorize, search, and aggregate keys by adding tags.
Key Usage: This is required and supports symmetric encryption and decryption, asymmetric encryption and decryption, or asymmetric signature verification.
Key Material Source: Required, choose the key generation method, either KMS-generated or user-imported key material.
Note
When the key material is sourced externally, only symmetric encryption and decryption purposes are supported.
4. After clicking Confirm, you will return to the Key List, and the newly created key will appear at the top of the list.