Creating a TSIG Key

• Console
• CLI
• API

• 1. Open the navigation menu and click Networking. Under DNS management, click TSIG keys.
  2. Under List scope, select the compartment to create the key in.
  3. Click Create TSIG key.
  4. In the Create TSIG Key panel, enter the following information:
     • Name: The name of the key used in domain name syntax. We recommend that the name you choose reflect the names of the hosts and uniquely identify the key among a set of keys these two hosts might share at any particular time.
     • Compartment: The compartment to create the TSIG key in, if it’s different than the one you selected previously.
     • Algorithm: The public key's algorithm used to encrypt or decrypt data. Applicable algorithms include hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, hmac-h384, and hmac-sha512.
     • Secret: The base64 string encoding the binary shared secret that corresponds to the key. A maximum value of 255 characters is allowed.
     • Show Advanced Options: Optionally, add tags to the key. If you have permissions to create a resource, you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags.
  5. Click Create TSIG Key.
     The TSIG key details page opens.

• Use the tsig create command and required parameters to create a TSIG key:

  oci dns tsig-key create --compartment-id compartment_id --name tsig_key_name
  --algorithm tsig_key_algorithm  ... [OPTIONS]

  TSIG key algorithms are encoded as domain names, but most consist of only one label that isn't empty, which isn't required to be explicitly absolute. Applicable algorithms include: hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha512.

  For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.

• Run the CreateTsigKey operation to create a TSIG key.