To call an API operation of Key Management Service (KMS), you must send an HTTPS GET or HTTPS POST request to a KMS endpoint. You must add request parameters when you call an API operation. After you call the API operation, the system returns a response. The request and response are encoded in UTF-8.
Request syntax
API operations of KMS use the RPC protocol. You can call API operations by sending HTTPS GET or HTTPS POST requests.
The following request syntax is used:
The following table describes the parameters in the request syntax.
Parameter | Description |
Endpoint | The endpoint of the KMS. For more information, see Endpoints. |
Action | The name of the operation that you want to call. For example, to create a key, you must set Action to CreateKey. |
Version | The API version. The API version of KMS is 2016-01-20. |
Parameters | The request parameter. Separate multiple request parameters with ampersands (&). Request parameters include both common parameters and operation-specific parameters. Common parameters include the API version number and authentication information. For more information, see Common parameters. |
Sample requests
In the following example, the CreateKey operation is called to create a key.
Note
The sample request is formatted to improve readability.
https:
&Format=json
&Version=2016-01-20
&AccessKeyId=te****
&Signature=YlrFhyqDZQ1ThNYARrv3Ptaxqf****
&SignatureMethod=HMAC-SHA1
&Timestamp=2016-03-25T09:36:58Z
&SignatureVersion=1.0
…
Endpoints
Regions in China
Region name | Region ID | Public endpoint | VPC address |
Region name | Region ID | Public endpoint | VPC address |
China (Hangzhou) | cn-hangzhou | kms.cn-hangzhou.aliyuncs.com | kms-vpc.cn-hangzhou.aliyuncs.com |
China (Shanghai) | cn-shanghai | kms.cn-shanghai.aliyuncs.com | kms-vpc.cn-shanghai.aliyuncs.com |
China (Shenzhen) | cn-shenzhen | kms.cn-shenzhen.aliyuncs.com | kms-vpc.cn-shenzhen.aliyuncs.com |
China (Heyuan) | cn-heyuan | kms.cn-heyuan.aliyuncs.com | kms-vpc.cn-heyuan.aliyuncs.com |
China (Guangzhou) | cn-guangzhou | kms.cn-guangzhou.aliyuncs.com | kms-vpc.cn-guangzhou.aliyuncs.com |
China (Qingdao) | cn-qingdao | kms.cn-qingdao.aliyuncs.com | kms-vpc.cn-qingdao.aliyuncs.com |
China (Beijing) | cn-beijing | kms.cn-beijing.aliyuncs.com | kms-vpc.cn-beijing.aliyuncs.com |
China (Zhangjiakou) | cn-zhangjiakou | kms.cn-zhangjiakou.aliyuncs.com | kms-vpc.cn-zhangjiakou.aliyuncs.com |
China (Hohhot) | cn-huhehaote | kms.cn-huhehaote.aliyuncs.com | kms-vpc.cn-huhehaote.aliyuncs.com |
China (Ulanqab) | cn-wulanchabu | kms.cn-wulanchabu.aliyuncs.com | kms-vpc.cn-wulanchabu.aliyuncs.com |
China (Chengdu) | cn-chengdu | kms.cn-chengdu.aliyuncs.com | kms-vpc.cn-chengdu.aliyuncs.com |
China (Hong Kong) | cn-hongkong | kms.cn-hongkong.aliyuncs.com | kms-vpc.cn-hongkong.aliyuncs.com |
Regions outside China
Region name | Region ID | Public endpoint | VPC address |
Region name | Region ID | Public endpoint | VPC address |
Singapore | ap-southeast-1 | kms.ap-southeast-1.aliyuncs.com | kms-vpc.ap-southeast-1.aliyuncs.com |
Malaysia (Kuala Lumpur) | ap-southeast-3 | kms.ap-southeast-3.aliyuncs.com | kms-vpc.ap-southeast-3.aliyuncs.com |
Indonesia (Jakarta) | ap-southeast-5 | kms.ap-southeast-5.aliyuncs.com | kms-vpc.ap-southeast-5.aliyuncs.com |
Philippines (Manila) Important In this region, only one zone exists and the service-level agreement (SLA) is not guaranteed. | ap-southeast-6 | kms.ap-southeast-6.aliyuncs.com | kms-vpc.ap-southeast-6.aliyuncs.com |
Thailand (Bangkok) Important In this region, only one zone exists and the SLA is not guaranteed. | ap-southeast-7 | kms.ap-southeast-7.aliyuncs.com | kms-vpc.ap-southeast-7.aliyuncs.com |
Japan (Tokyo) | ap-northeast-1 | kms.ap-northeast-1.aliyuncs.com | kms-vpc.ap-northeast-1.aliyuncs.com |
Germany (Frankfurt) | eu-central-1 | kms.eu-central-1.aliyuncs.com | kms-vpc.eu-central-1.aliyuncs.com |
UK (London) | eu-west-1 | kms.eu-west-1.aliyuncs.com | kms-vpc.eu-west-1.aliyuncs.com |
US (Silicon Valley) | us-west-1 | kms.us-west-1.aliyuncs.com | kms-vpc.us-west-1.aliyuncs.com |
US (Virginia) | us-east-1 | kms.us-east-1.aliyuncs.com | kms-vpc.us-east-1.aliyuncs.com |
UAE (Dubai) | me-east-1 | kms.me-east-1.aliyuncs.com | kms-vpc.me-east-1.aliyuncs.com |
Protocols
You must call API operations of KMS by sending HTTPS requests.
KMS supports only Transport Layer Security (TLS) 1.0 and later versions. KMS does not support SSL 2.0 or SSL 3.0.