awskms

package
v0.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 12, 2019 License: Apache-2.0 Imports: 8 Imported by: 17

Documentation

Overview

Package awskms provides a secrets implementation backed by AWS KMS. Use NewKeeper to construct a *secrets.Keeper.

As

awskms exposes the following type for As:

  • Error: awserr.Error
Example 
package main

import (
	"context"
	"log"

	"github.com/aws/aws-sdk-go/aws/session"
	"gocloud.dev/secrets/awskms"
)

func main() {
	// Establish an AWS session.
	// See https://docs.aws.amazon.com/sdk-for-go/api/aws/session/ for more info.
	session, err := session.NewSession(nil)
	if err != nil {
		log.Fatal(err)
	}

	// Get a client to use with the KMS API.
	client, err := awskms.Dial(session)
	if err != nil {
		log.Fatal(err)
	}

	// Construct a *secrets.Keeper.
	keeper := awskms.NewKeeper(
		client,
		// Get the key resource ID. Here is an example of using an alias. See
		// https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn
		// for more details.
		"alias/test-secrets",
		nil,
	)

	// Now we can use keeper to encrypt or decrypt.
	ctx := context.Background()
	plaintext := []byte("Hello, Secrets!")
	ciphertext, err := keeper.Encrypt(ctx, plaintext)
	if err != nil {
		log.Fatal(err)
	}
	decrypted, err := keeper.Decrypt(ctx, ciphertext)
	_ = decrypted
}

Output:

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func Dial 

func Dial(p client.ConfigProvider) (*kms.KMS, error)

Dial gets a AWS KMS service client.

func NewKeeper 

func NewKeeper(client *kms.KMS, keyID string, opts *KeeperOptions) *secrets.Keeper

NewKeeper returns a *secrets.Keeper that uses AWS KMS. The keyID can be in the form of an Amazon Resource Name (ARN), alias name, or alias ARN. See https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn for more details. See the package documentation for an example.

Types

type KeeperOptions 

type KeeperOptions struct{}

KeeperOptions controls Keeper behaviors. It is provided for future extensibility.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.