Help Center/ Data Encryption Workshop/ User Guide/ Cloud Secret Management Service/ Creating a Shared Secret
Updated on 2024-09-29 GMT+08:00
View PDF

Creating a Shared Secret

This section describes how to create a secret on the CSMS console.

You can create a secret and store its value in its initial version, which is marked as SYSCURRENT.

Constraints

  • A user can create a maximum of 200 secrets.
  • By default, the default key csms/default created by CSMS is used as the encryption key of the current secret. You can also create a user-defined symmetric key and use a user-defined encryption key on the KMS console.

Creating a Secret

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click . ChooseSecurity > Data Encryption Workshop.
  4. In the navigation pane, choose Cloud Secret Management Service.
  5. Click Create Secret. Configure parameters in the Create Secret dialog box, as shown in Figure 1. For details, see Table 1.

    Figure 1 Creating a secret
    Table 1 Secret parameters

    Parameter

    Description

    Type

    Secret type. The default value is Shared secret.

    Secret Name

    Secret name

    NOTE:

    Only letters, digits, hyphens (-), and underscores (_) are supported.

    Enterprise Project

    This parameter is provided for enterprise users. If you are an enterprise user and have created an enterprise project, select the required enterprise project from the drop-down list. The default project is default.

    NOTE:

    If you have not enabled enterprise management, this parameter will not be displayed.

    Secret Value

    Secret key/value pair and the plaintext secret to be encrypted

    Description (optional)

    Description of a secret

    KMS Encryption Key

    Select the default key csms/default or a custom key created on KMS.

    NOTE:
    • CSMS encrypts private keys using the encryption key provided by KMS. When you use the KMS encryption function of the key pair, KMS creates a default key csms/default for you to use.
    • For details about the custom keys created on KMS, see Creating a Key.
    • After a grant is created, you can switch to the manual input mode, and enter the key ID to use the granted key for encryption. For details, see .

    Associated Event

    When creating a secret, you can associate it with a secret event. You can add, delete, modify, and query secret versions on the event notification page.

  6. Click Next and set the rotation period.
  7. Click Next and confirm the creation information.
  8. Click OK.

    In the secret list, you can view the created secrets. The default status of a secret is Enabled.