This document describes how to activate Key Management Service (KMS) in Secrets Manager (SSM) and authorize SSM. It also guides you on how to use KMS to encrypt secrets in SSM.
Secret management is important for the OPS security of an enterprise IT system. You can use SSM to host secrets of all types, including access keys, API keys, private keys, account passwords, and much more. SSM uses keys hosted in Tencent Cloud KMS to encrypt and protect secrets, ensuring secret security on the server. With a more secure and convenient SSM, you no longer need to build and maintain infrastructure for secret management.
When SSM uses KMS hosted keys for encryption, KMS fees might be incurred. For more information, please see Billing Overview.
To activate KMS and authorize SSM, you can perform the following steps:
As the core resources of KMS, CMKs are protected by hardware security modules certified by third parties. CMK contains metadata information such as key ID, creation date, description, and key status.
When using SSM to create secrets, you will be provided with two types of encryption keys. Select a type as needed.