How Do You Create a Customer Master Key in AWS?

Problem scenario
You want to create a CMK in Amazon web servers. What do you do?

Solution
Use Secrets Manager with Amazon's Key Management Service.

1. Log into the AWS console.
2. Go to "Key Management Service"
3. Click on "Create key"
4. Enter an "Alias". Normally you won't click on the "Advanced options" unless you have a special reason. Click "Next".
5. Respond to the prompts and click "Next" until you get to the end. You will be given the opportunity to configure the key to have certain Amazon roles administrative permissions and key usage permissions.

The key administrators will be able to administer the key itself to other users/roles. The users of the key will be able to encrypt and decrypt based on the key. If you want to create your own Amazon roles, see this posting.

6. Click "Finish"

Leave a comment

Your email address will not be published. Required fields are marked *