Managing CMK using Amazon Web Services Management Console - Managed Service for Apache Flink
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon Managed Service for Apache Flink (Amazon MSF) was previously known as Amazon Kinesis Data Analytics for Apache Flink.

Managing CMK using Amazon Web Services Management Console

This topic describes how to create and update your KMS CMKs using the Amazon Web Services Management Console. To follow the procedures described in this topic, you must have permission to manage the KMS key and the Amazon MSF application. The procedures in this topic use a permissive key policy, which is for demonstration and testing purposes only. We don't recommend using such a permissive key policy for production workloads. For production workloads, you can use the console, but in real-life scenarios, roles, permissions, and workflows are isolated.

Before you start, create a KMS key. For information about creating a KMS key, see Create a KMS key in the Amazon Key Management Service Developer Guide.

  1. Sign in to the Amazon Web Services Management Console, and open the Amazon MSF console at https://console.aws.amazon.com/flink.

  2. On the Streaming applications page, choose Create streaming application.

  3. For Apache Flink version, make sure that you choose Apache Flink 1.20.

  4. For Encryption, choose Use customer managed key.

  5. If you don't have a KMS key, choose Create an Amazon KMS key, and create a KMS key. For information about how to create the key, see Using the Amazon KMS console in the Amazon Key Management Service Developer Guide.

  6. If you don't have a KMS key, choose Create an Amazon KMS key, and create a KMS key. For information about how to create the key using console, see Create a symmetric encryption KMS key.

  7. Choose the key in the selector you want to use. Remember only the key with Enabled status is allowed.

  1. Sign in to the Amazon Web Services Management Console, and open the Amazon MSF console at https://console.aws.amazon.com/flink.

  2. On the Streaming applications page, choose an application with Flink version 1.20.

  3. Choose Configure.

  4. For Encryption, choose Use customer managed key.

  5. If you don't have a KMS key, choose Create an Amazon KMS key, and create a KMS key. For information about how to create the key using console, see Create a symmetric encryption KMS key.

  6. Choose the key in the selector you want to use. Remember only the key with Enabled status is allowed.

  1. Sign in to the Amazon Web Services Management Console, and open the Amazon MSF console at https://console.aws.amazon.com/flink.

  2. On the Streaming applications page, choose an application with Flink version 1.20.

  3. Choose Configure.

  4. For Encryption, choose Use Amazon owned key.