AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Creates a customer master key (CMK) in the caller's AWS account.

You can use a CMK to encrypt small amounts of data (4 KiB or less) directly. But CMKs are more commonly used to encrypt data encryption keys (DEKs), which are used to encrypt raw data. For more information about DEKs and the difference between CMKs and DEKs, see the following:

You cannot use this operation to create a CMK in a different AWS account.


For .NET Core and PCL this operation is only available in asynchronous form. Please refer to CreateKeyAsync.

Namespace: Amazon.KeyManagementService
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z


public abstract CreateKeyResponse CreateKey(
         CreateKeyRequest request
Type: Amazon.KeyManagementService.Model.CreateKeyRequest

Container for the necessary parameters to execute the CreateKey service method.

Return Value
The response from the CreateKey service method, as returned by KeyManagementService.


DependencyTimeoutException The system timed out while trying to fulfill the request. The request can be retried.
InvalidArnException The request was rejected because a specified ARN was not valid.
KMSInternalException The request was rejected because an internal exception occurred. The request can be retried.
LimitExceededException The request was rejected because a limit was exceeded. For more information, see Limits in the AWS Key Management Service Developer Guide.
MalformedPolicyDocumentException The request was rejected because the specified policy is not syntactically or semantically correct.
TagException The request was rejected because one or more tags are not valid.
UnsupportedOperationException The request was rejected because a specified parameter is not supported or a specified resource is not valid for this operation.


The following example creates a CMK.

To create a customer master key (CMK)

var response = client.CreateKey(new CreateKeyRequest 
    Tags = new List {
        new Tag {
            TagKey = "CreatedBy",
            TagValue = "ExampleUser"
    } // One or more tags. Each tag consists of a tag key and a tag value.

KeyMetadata keyMetadata = response.KeyMetadata; // An object that contains information about the CMK created by this operation.


Version Information

.NET Framework:
Supported in: 4.5, 4.0, 3.5

Portable Class Library:
Supported in: Windows Store Apps
Supported in: Windows Phone 8.1
Supported in: Xamarin Android
Supported in: Xamarin iOS (Unified)
Supported in: Xamarin.Forms

See Also