AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Creates a display name for a customer managed customer master key (CMK). You can use an alias to identify a CMK in cryptographic operations, such as Encrypt and GenerateDataKey. You can change the CMK associated with the alias at any time.

Aliases are easier to remember than key IDs. They can also help to simplify your applications. For example, if you use an alias in your code, you can change the CMK your code uses by associating a given alias with a different CMK.

To run the same code in multiple AWS regions, use an alias in your code, such as alias/ApplicationKey. Then, in each AWS Region, create an alias/ApplicationKey alias that is associated with a CMK in that Region. When you run your code, it uses the alias/ApplicationKey CMK for that AWS Region without any Region-specific code.

This operation does not return a response. To get the alias that you created, use the ListAliases operation.

To use aliases successfully, be aware of the following information.

Because an alias is not a property of a CMK, you can delete and change the aliases of a CMK without affecting the CMK. Also, aliases do not appear in the response from the DescribeKey operation. To get the aliases and alias ARNs of CMKs in each AWS account and Region, use the ListAliases operation.

The CMK that you use for this operation must be in a compatible key state. For details, see How Key State Affects Use of a Customer Master Key in the AWS Key Management Service Developer Guide.

Note:

For .NET Core this operation is only available in asynchronous form. Please refer to CreateAliasAsync.

Namespace: Amazon.KeyManagementService
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z

Syntax

C#
public virtual CreateAliasResponse CreateAlias(
         CreateAliasRequest request
)
Parameters
request
Type: Amazon.KeyManagementService.Model.CreateAliasRequest

Container for the necessary parameters to execute the CreateAlias service method.

Return Value
The response from the CreateAlias service method, as returned by KeyManagementService.

Exceptions

ExceptionCondition
AlreadyExistsException The request was rejected because it attempted to create a resource that already exists.
DependencyTimeoutException The system timed out while trying to fulfill the request. The request can be retried.
InvalidAliasNameException The request was rejected because the specified alias name is not valid.
KMSInternalException The request was rejected because an internal exception occurred. The request can be retried.
KMSInvalidStateException The request was rejected because the state of the specified resource is not valid for this request. For more information about how key state affects the use of a CMK, see How Key State Affects Use of a Customer Master Key in the AWS Key Management Service Developer Guide.
LimitExceededException The request was rejected because a quota was exceeded. For more information, see Quotas in the AWS Key Management Service Developer Guide.
NotFoundException The request was rejected because the specified entity or resource could not be found.

Examples

The following example creates an alias for the specified customer master key (CMK).

To create an alias


var response = client.CreateAlias(new CreateAliasRequest 
{
    AliasName = "alias/ExampleAlias", // The alias to create. Aliases must begin with 'alias/'. Do not use aliases that begin with 'alias/aws' because they are reserved for use by AWS.
    TargetKeyId = "1234abcd-12ab-34cd-56ef-1234567890ab" // The identifier of the CMK whose alias you are creating. You can use the key ID or the Amazon Resource Name (ARN) of the CMK.
});


            

Version Information

.NET Framework:
Supported in: 4.5, 4.0, 3.5

See Also