How to Create an Asymmetric Key in AWS Key Management Service

AWS Key Management Service (AWS KMS) supports asymmetric keys. We can create, manage, and use public/private key pairs to protect application data using the new APIs via the AWS SDK.

An asymmetric KMS key provides a public/private key pair that can be used to encrypt and decrypt data. The private key never leaves AWS KMS unencrypted; the public key can be downloaded and used outside AWS.

  • Log in to the AWS portal.
  • Click on Services.
  • Under Security, Identity, & Compliance, select Key Management Service.
  • Click on Create Key.
  • Select the Asymmetric key type.
  • Click on Encrypt and decrypt.
  • Select the key spec.
  • Click on Next.
  • Provide an alias name.
  • Click on Add Tag.
  • Provide the tag key name and value.
  • Enable key administrators to delete this key.
  • Click on Next.
  • Select the existing key usage permissions.
  • We can add multiple AWS accounts.
  • Click on Add another AWS account and provide the AWS account ID.
  • Click on Next.
  • Review all key configurations.
  • Click on Finish.
  • After some time, the asymmetric KMS key is ready.

Create an Asymmetric KMS Key Using the Shell

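aws kms create-key --key-usage <value> --tags TagKey=Name,TagValue=Test --description "example" --customer-master-key-spec RSA_2048 --origin <value>

For an encrypt and decrypt key pair, --key-usage is ENCRYPT_DECRYPT and the key spec is an RSA spec such as RSA_2048, RSA_3072 or RSA_4096. --origin is AWS_KMS when KMS generates the key material. --customer-master-key-spec is deprecated; current versions of the AWS CLI use --key-spec for the same setting.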
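The console choices above (key spec, tag, alias, key administrators, key users, another AWS account) can be passed to create-key in one call. The script below is an added example, not part of the original post; the account IDs, role names and alias are constructed placeholders, and the key-user action list is an assumed minimum rather than the console's exact default.

```bash
# Added example: CLI equivalent of the console wizard. Account IDs, role names
# and the alias are constructed placeholders; replace them before --apply.
set -eu
ACCOUNT_ID="111122223333"          # constructed: account that owns the key
EXTERNAL_ACCOUNT="444455556666"    # constructed: the "another AWS account"
ADMIN_ARN="arn:aws:iam::${ACCOUNT_ID}:role/KmsKeyAdmin"     # hypothetical role
USER_ARN="arn:aws:iam::${ACCOUNT_ID}:role/AppEncryptRole"   # hypothetical role

# Print the key policy. $1 = yes mirrors the console checkbox that lets key
# administrators delete the key; any other value leaves those actions out.
build_key_policy() {
  delete_actions=""
  if [ "${1:-no}" = "yes" ]; then
    delete_actions=', "kms:ScheduleKeyDeletion", "kms:CancelKeyDeletion"'
  fi
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "DelegateToIAM", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::${ACCOUNT_ID}:root"},
     "Action": "kms:*", "Resource": "*"},
    {"Sid": "KeyAdministrators", "Effect": "Allow",
     "Principal": {"AWS": "${ADMIN_ARN}"},
     "Action": ["kms:Describe*", "kms:Get*", "kms:List*", "kms:Put*",
                "kms:Update*", "kms:Enable*", "kms:Disable*",
                "kms:TagResource", "kms:UntagResource"${delete_actions}],
     "Resource": "*"},
    {"Sid": "KeyUsers", "Effect": "Allow",
     "Principal": {"AWS": ["${USER_ARN}", "arn:aws:iam::${EXTERNAL_ACCOUNT}:root"]},
     "Action": ["kms:Encrypt", "kms:Decrypt", "kms:DescribeKey", "kms:GetPublicKey"],
     "Resource": "*"}
  ]
}
EOF
}

# Create the key and an alias. Needs the AWS CLI and valid credentials.
create_asymmetric_key() {
  key_id=$(aws kms create-key --key-spec RSA_2048 --key-usage ENCRYPT_DECRYPT \
    --origin AWS_KMS --description "example" --tags TagKey=Name,TagValue=Test \
    --policy "$(build_key_policy "$1")" --query KeyMetadata.KeyId --output text)
  aws kms create-alias --alias-name alias/example-asymmetric --target-key-id "$key_id"
  echo "$key_id"
}

if [ "${1:-}" = "--apply" ]; then create_asymmetric_key "${2:-no}"; fi
```

Run without arguments the script only defines the functions; `--apply yes` creates the key with deletion rights for administrators. The first policy statement lets IAM policies in the owning account grant access to the key.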

 

 
