Creating Azure Keys
Use the post /v1/cckm/azure/keys
API to create Azure keys.
Note
If the name of the new key and the existing key are the same, a new version of the existing key will be created.
Syntax
Request Parameters
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
azure_param | JSON | Azure key parameters. Refer to Azure Parameters for details. |
key_name | string | Name for the Azure key. Key names can only contain alphanumeric characters and dashes. |
key_vault | string | Name or ID of the Azure vault where the key will be created. |
Azure Parameters
Parameter | Type | Description |
---|---|---|
kty | string | Type of key to create. Possible options are: • EC- "Soft" Elliptic Curve key. • EC-HSM- "Hard" Elliptic Curve key (only for premium key vaults). • RSA- "Soft" RSA key. • RSA-HSM- "Hard" RSA key (only for premium key vaults). |
attributes | JSON | Attributes for the key such as exp, enabled, and nbf. Possible option are: • nbf - Activation date for the key in Unix Epoch time format. For example, the corresponding epoch time for September 9, 2022, 5:52:20 AM is 1662702740. • exp - Expiration date for the key in Unix Epoch time format. For example, the corresponding epoch time for September 9, 2022, 5:52:20 AM is 1662702740. • enabled - Specify whether the key is enabled or disabled (true/false). |
crv | string | Elliptical curve name for the key. Possible options are: • P-256 • P-384 • P-521 • SECP256K1 |
key_ops | array of strings | Cryptographic operations performed by the key. Possible options are: • encrypt • decrypt • sign • verify • wrapKey • unwrapKey • import (applicable to RSA-HSM keys). This parameter is mandatory when creating a KEK. |
key_size | integer | Size for the RSA and RSA-HSM keys. Possible options are: • 2048 • 3072 • 4096 |
tags | JSON | An optional parameter to add additional information to the key. The value must be specified as the key-value pair. Refer to the following rules on tag values. |
CCKM allows the following characters in tag values:
Alphanumeric characters
Special characters ** ! @ # $ ) ( { } > < ? + - / [ ] ^ & + = | ~ ` ; . ' _ **
CCKM does not allow colon (:) and percent (%) special characters in tag values.
Example Request
Example Response
The sample output shows that a key (Test-key
) is created in the Azure key vault (keyvault-softkeys
). A unique ID (94a392f3-52e8-4542-90b6-b8554c046492
) for the key is returned. As the key is created in Azure vault, key material's origin is native
.
To know more about response parameters, refer to Response Parameters of Key Life Cycle Management APIs.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.