Breadcrumbs

Download Public Key and Import Token: GUI

  1. Open Key Management Service > Customer managed keys > <KeyID> > Import key material.

  2. Select wrapping mechanism RSAES_OAEP_SHA_256.

Although other wrapping mechanisms are supported by AWS KMS as well, in this case the RSAES_OAEP_SHA_256 mechanism is mandatory.

  1. Click Download wrapping key and import token.

Both the import token and import wrapping key are on a time limit of 24 hours. After this, the import wrapping key and import token will expire and a new set will need to be downloaded from KMS.

  1. ImportParameters.zip file is downloaded. It comprises three files:

  • importToken_<keyId>

  • wrappingKey_<keyId>

  • README_<keyId>.txt