search by keyword

Recent Pages

Documentation
Key Management Service
    Documentation

    CreateKey

    Last updated: 2020-07-03 17:28:25

    1. API Description

    Domain name for API request: kms.tencentcloudapi.com.

    Create a master key CMK (Custom Master Key) for user management data keys

    A maximum of 100 requests can be initiated per second for this API.

    We recommend you to use API Explorer
    Try it
    API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

    2. Input Parameters

    The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

    Parameter Name Required Type Description
    Action Yes String Common parameter. The value used for this API: CreateKey.
    Version Yes String Common parameter. The value used for this API: 2019-01-18.
    Region Yes String Common parameter. For more information, please see the list of regions supported by the product.
    Alias Yes String Unique alias that makes a key more recognizable and understandable. This parameter cannot be empty, can contain 1–60 letters, digits, -, and _, and must begin with a letter or digit. The kms- prefix is used for Tencent Cloud products.
    Description No String
    KeyUsage No String Key purpose. The default value is ENCRYPT_DECRYPT (creating a symmetric key for encryption and decryption). Other valid values include ASYMMETRIC_DECRYPT_RSA_2048 (creating an RSA2048 asymmetric key for encryption and decryption) and ASYMMETRIC_DECRYPT_SM2 (creating an SM2 asymmetric key for encryption and decryption).
    Type No Integer Specifies the key type. Default value: 1. Valid value: 1 - default type, indicating that the CMK is created by KMS; 2 - EXTERNAL type, indicating that you need to import key material. For more information, please see the GetParametersForImport and ImportKeyMaterial API documents.

    3. Output Parameters

    Parameter Name Type Description
    KeyId String Globally unique CMK ID
    Alias String Alias that makes a key more recognizable and understandable
    CreateTime Integer Key creation time in UNIX timestamp format
    Description String CMK description
    KeyState String CMK status
    KeyUsage String CMK usage
    TagCode Integer Tag operation return code. 0: success; 1: internal error; 2: business processing error
    TagMsg String Tag operation return information
    RequestId String The unique request ID, which is returned for each request. RequestId is required for locating a problem.

    4. Example

    Example1 Creating a CMK

    This example shows you how to create a CMK used for data key management. The CMK can be used in other APIs to create data keys, perform encryption and decryption, and do more.

    Input Example

    https://kms.tencentcloudapi.com/?Action=CreateKey
&Alias=mykey
&KeyUsage=ENCRYPT_DECRYPT
&Description=test
&<common request parameters>

    Output Example

    {
  "Response": {
    "KeyId": "9999aed0-4956-11e9-bc70-5254005e86b4",
    "Alias": "alias-0001",
    "CreateTime": 1552897190,
    "Description": "test cmk",
    "KeyState": "Enabled",
    "KeyUsage": "ENCRYPT_DECRYPT",
    "RequestId": "850bf779-2249-4995-8c55-b3966daf0a8c"
  }
}

    5. Developer Resources

    API Explorer

    This tool allows online call, signature authentication, SDK code generation and quick search of APIs to greatly improve the efficiency of using TencentCloud APIs.

    SDK

    TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

    Command Line Interface

    6. Error Code

    The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

    Error Code Description
    InternalError Internal error.
    InvalidParameter Invalid parameter.
    InvalidParameterValue.AliasAlreadyExists The alias already exists.
    InvalidParameterValue.InvalidAlias Incorrect alias format
    InvalidParameterValue.InvalidKeyUsage Incorrect KeyUsage parameter.
    InvalidParameterValue.InvalidType Incorrect Type parameter.
    InvalidParameterValue.TagKeysDuplicated Duplicate tag key.
    InvalidParameterValue.TagsNotExisted The tag key or tag value does not exist.
    LimitExceeded.CmkLimitExceeded The number of CMKs has reached the upper limit.
    UnauthorizedOperation Unauthorized operation.
    UnsupportedOperation.UnsupportedKeyUsageInCurrentRegion The encryption method is not supported in the current region.

    Was this page helpful?

    Confirm

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback
    Hide
    Submit a TicketContact Sales
    Help
    tencent
    Copyright © 2013-2020 Tencent Cloud. All Rights Reserved.
    Terms of ServicePrivacy PolicyCookie Policy