Set up communication between AWS Cloud Key Management and the CryptoHub

before the {{ch}} can push key material to aws kms, you must create credentials in the aws iam service and then configure them on the {{ch}} in aws iam, these credentials are access keys on the {{ch}} , the credentials are cloud credentials these credentials enable communication between the {{ch}} and aws kms create an access key in aws iam log in to the aws management console go to the identity and access management (iam) service https //console aws amazon com/iam/home on the right toolbar, under quick links , go to my security credentials go to the first tab, aws iam credentials under access keys for cli, sdk, and api access , select \[ create access key ] create a symmetric access key after you finish, you get the access key id and secret access key it comes in the following format access key id,secret access key accessid,accesskey this is the only time you can view your secret key, so either write the values down and add them to a csv file or use the on page option to download and save the csv copy or move the csv file containing the access key to the system you use to manage your {{ch}} device create a cloud credential on cryptohub log in to the {{ch}} application interface by using dual administrator users go to administrative services > identity management > cloud credentials right click the background and select add > cloud credential use the following information when creating the cloud credential option recommendation name choose a descriptive name service amazon web services access name leave this blank because it auto populates after import select \[ import ] and then select the csv file with your key ids select \[ ok ] to save