Create a key

Create a key in Cloud-native API Gateway to securely store credentials in Key Management Service (KMS).

Prerequisites

A KMS instance is available. Purchase and enable a KMS instance.
A KMS master key is configured for encryption. Manage keys.

Create a key

Log on to the Cloud-native API Gateway console.
In the left-side navigation pane, choose Key.

In the upper-left corner, click Create key and configure the following parameters.

Note

If the service-linked role is not authorized, click Authorization to grant the AliyunServiceRoleForNativeApiGwInvokeKMS service-linked role to Cloud-native API Gateway. service-linked role.

Configuration Item	Description
Key Name	Name of the key. Note Must be unique. Supports letters, digits, and underscores (_). Maximum length: 64 characters.
Credential Source	Default: KMS.
KMS Instance	KMS instance that stores the key.
KMS Master Key	KMS master key used for encryption.
KMS Credential Value	Credential to encrypt and store. The value is synced to KMS as a credential resource.

Click OK.