kms

package
v0.0.0-...-d0813e5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 30, 2015 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package kms provides a client for AWS Key Management Service.

Index

Constants

// Data key specification strings. The names suggest these are the values
// for the KeySpec field of GenerateDataKeyRequest and
// GenerateDataKeyWithoutPlaintextRequest (confirm against the service API).
const (
	DataKeySpecAES128 = "AES_128"
	DataKeySpecAES256 = "AES_256"
)

Possible values for KMS.

// Grant operation names. Presumably the strings placed in
// CreateGrantRequest.Operations and reported in GrantListEntry.Operations
// (confirm against the service API).
//
// NOTE(review): a grant should list only the operations the grantee needs.
// CreateGrant and RetireGrant appear to let the grantee manage grants, so
// include them deliberately rather than by default.
const (
	GrantOperationCreateGrant                     = "CreateGrant"
	GrantOperationDecrypt                         = "Decrypt"
	GrantOperationEncrypt                         = "Encrypt"
	GrantOperationGenerateDataKey                 = "GenerateDataKey"
	GrantOperationGenerateDataKeyWithoutPlaintext = "GenerateDataKeyWithoutPlaintext"
	GrantOperationReEncryptFrom                   = "ReEncryptFrom"
	GrantOperationReEncryptTo                     = "ReEncryptTo"
	GrantOperationRetireGrant                     = "RetireGrant"
)

Possible values for KMS.

// Key usage strings. Only one value is defined here; presumably it is the
// value carried by the KeyUsage field of CreateKeyRequest and KeyMetadata
// (confirm against the service API).
const (
	KeyUsageTypeEncryptDecrypt = "ENCRYPT_DECRYPT"
)

Possible values for KMS.

Variables

This section is empty.

Functions

This section is empty.

Types

type AliasListEntry

// AliasListEntry is the element type of ListAliasesResponse.Aliases. It
// carries an alias name, the alias ARN and a target key ID; every field is
// tagged omitempty.
type AliasListEntry struct {
	AliasARN    aws.StringValue `json:"AliasArn,omitempty"`
	AliasName   aws.StringValue `json:"AliasName,omitempty"`
	TargetKeyID aws.StringValue `json:"TargetKeyId,omitempty"`
}

AliasListEntry is undocumented.

type CreateAliasRequest

// CreateAliasRequest is the argument to (*KMS).CreateAlias. Neither field is
// tagged omitempty, so both are presumably required by the service.
type CreateAliasRequest struct {
	// AliasName is the alias to create. Per the CreateAlias documentation it
	// must start with "alias/", and names under "alias/aws" are reserved.
	AliasName   aws.StringValue `json:"AliasName"`
	TargetKeyID aws.StringValue `json:"TargetKeyId"`
}

CreateAliasRequest is undocumented.

type CreateGrantRequest

// CreateGrantRequest is the argument to (*KMS).CreateGrant, which adds a
// grant to a key to specify who can access it and under what conditions.
//
// NOTE(review): Constraints and Operations are both optional at the
// serialization level (omitempty). Callers should set Operations to the
// minimum the grantee needs and consider Constraints to narrow the grant;
// what the service does when they are omitted is not shown here, so verify.
type CreateGrantRequest struct {
	Constraints       *GrantConstraints `json:"Constraints,omitempty"`
	GrantTokens       []string          `json:"GrantTokens,omitempty"`
	// GranteePrincipal and KeyID are tagged without omitempty; presumably
	// both are required by the service.
	GranteePrincipal  aws.StringValue   `json:"GranteePrincipal"`
	KeyID             aws.StringValue   `json:"KeyId"`
	Operations        []string          `json:"Operations,omitempty"`
	RetiringPrincipal aws.StringValue   `json:"RetiringPrincipal,omitempty"`
}

CreateGrantRequest is undocumented.

type CreateGrantResponse

// CreateGrantResponse is returned by (*KMS).CreateGrant. GrantID matches the
// field RevokeGrantRequest takes and GrantToken the field RetireGrantRequest
// takes, so callers that intend to end the grant later should record them.
type CreateGrantResponse struct {
	GrantID    aws.StringValue `json:"GrantId,omitempty"`
	GrantToken aws.StringValue `json:"GrantToken,omitempty"`
}

CreateGrantResponse is undocumented.

type CreateKeyRequest

// CreateKeyRequest is the argument to (*KMS).CreateKey, which creates a
// customer master key. All three fields are tagged omitempty.
type CreateKeyRequest struct {
	Description aws.StringValue `json:"Description,omitempty"`
	KeyUsage    aws.StringValue `json:"KeyUsage,omitempty"`
	// NOTE(review): Policy is optional here. Which key policy the service
	// applies when it is omitted is not shown on this page; confirm it and
	// prefer passing an explicit, least-privilege policy.
	Policy      aws.StringValue `json:"Policy,omitempty"`
}

CreateKeyRequest is undocumented.

type CreateKeyResponse

// CreateKeyResponse is returned by (*KMS).CreateKey. KeyMetadata is a
// pointer tagged omitempty, so callers should check it for nil before use.
type CreateKeyResponse struct {
	KeyMetadata *KeyMetadata `json:"KeyMetadata,omitempty"`
}

CreateKeyResponse is undocumented.

type DecryptRequest

// DecryptRequest is the argument to (*KMS).Decrypt. It has no key ID field;
// only the ciphertext is tagged without omitempty.
type DecryptRequest struct {
	CiphertextBlob    []byte            `json:"CiphertextBlob"`
	// NOTE(review): presumably this must match the EncryptionContext supplied
	// when the ciphertext was produced, and is not itself secret. Verify, and
	// keep sensitive values out of it.
	EncryptionContext map[string]string `json:"EncryptionContext,omitempty"`
	GrantTokens       []string          `json:"GrantTokens,omitempty"`
}

DecryptRequest is undocumented.

type DecryptResponse

// DecryptResponse is returned by (*KMS).Decrypt.
type DecryptResponse struct {
	KeyID     aws.StringValue `json:"KeyId,omitempty"`
	// Plaintext is the decrypted data. Treat it as a secret: do not log it or
	// serialize this struct into diagnostics, and overwrite the slice once
	// it is no longer needed.
	Plaintext []byte          `json:"Plaintext,omitempty"`
}

DecryptResponse is undocumented.

type DeleteAliasRequest

// DeleteAliasRequest is the argument to (*KMS).DeleteAlias. Its single
// field, AliasName, is tagged without omitempty.
type DeleteAliasRequest struct {
	AliasName aws.StringValue `json:"AliasName"`
}

DeleteAliasRequest is undocumented.

type DescribeKeyRequest

// DescribeKeyRequest is the argument to (*KMS).DescribeKey and names the
// customer master key to describe.
type DescribeKeyRequest struct {
	KeyID aws.StringValue `json:"KeyId"`
}

DescribeKeyRequest is undocumented.

type DescribeKeyResponse

// DescribeKeyResponse is returned by (*KMS).DescribeKey. KeyMetadata is a
// pointer tagged omitempty, so callers should check it for nil before use.
type DescribeKeyResponse struct {
	KeyMetadata *KeyMetadata `json:"KeyMetadata,omitempty"`
}

DescribeKeyResponse is undocumented.

type DisableKeyRequest

// DisableKeyRequest is the argument to (*KMS).DisableKey, which marks the
// named key as disabled and thereby prevents its use.
type DisableKeyRequest struct {
	KeyID aws.StringValue `json:"KeyId"`
}

DisableKeyRequest is undocumented.

type DisableKeyRotationRequest

// DisableKeyRotationRequest is the argument to (*KMS).DisableKeyRotation.
// NOTE(review): turning rotation off weakens key hygiene; calls to this
// operation are worth alerting on in audit logs.
type DisableKeyRotationRequest struct {
	KeyID aws.StringValue `json:"KeyId"`
}

DisableKeyRotationRequest is undocumented.

type EnableKeyRequest

// EnableKeyRequest is the argument to (*KMS).EnableKey, which marks the
// named key as enabled and thereby permits its use.
type EnableKeyRequest struct {
	KeyID aws.StringValue `json:"KeyId"`
}

EnableKeyRequest is undocumented.

type EnableKeyRotationRequest

// EnableKeyRotationRequest is the argument to (*KMS).EnableKeyRotation,
// which enables rotation of the specified customer master key.
type EnableKeyRotationRequest struct {
	KeyID aws.StringValue `json:"KeyId"`
}

EnableKeyRotationRequest is undocumented.

type EncryptRequest

// EncryptRequest is the argument to (*KMS).Encrypt, which encrypts plaintext
// under a customer master key. The CreateKey documentation states that
// master keys encrypt only small amounts of data (less than 4K) directly;
// larger payloads are meant to go through a data key.
type EncryptRequest struct {
	// NOTE(review): presumably authenticated but not secret, and needed again
	// at decrypt time. Verify, and keep sensitive values out of it.
	EncryptionContext map[string]string `json:"EncryptionContext,omitempty"`
	GrantTokens       []string          `json:"GrantTokens,omitempty"`
	KeyID             aws.StringValue   `json:"KeyId"`
	// Plaintext is the data to encrypt; avoid logging the request struct.
	Plaintext         []byte            `json:"Plaintext"`
}

EncryptRequest is undocumented.

type EncryptResponse

// EncryptResponse is returned by (*KMS).Encrypt. CiphertextBlob has the same
// name and type as the field DecryptRequest takes.
type EncryptResponse struct {
	CiphertextBlob []byte          `json:"CiphertextBlob,omitempty"`
	KeyID          aws.StringValue `json:"KeyId,omitempty"`
}

EncryptResponse is undocumented.

type GenerateDataKeyRequest

// GenerateDataKeyRequest is the argument to (*KMS).GenerateDataKey. Only
// KeyID is tagged without omitempty.
type GenerateDataKeyRequest struct {
	// NOTE(review): presumably bound to the returned CiphertextBlob and
	// required again when it is decrypted; not secret. Verify.
	EncryptionContext map[string]string `json:"EncryptionContext,omitempty"`
	GrantTokens       []string          `json:"GrantTokens,omitempty"`
	KeyID             aws.StringValue   `json:"KeyId"`
	// KeySpec and NumberOfBytes are both optional here; presumably they are
	// alternative ways to state the key size (confirm against the service
	// API). The DataKeySpec* constants look like the KeySpec values.
	KeySpec           aws.StringValue   `json:"KeySpec,omitempty"`
	NumberOfBytes     aws.IntegerValue  `json:"NumberOfBytes,omitempty"`
}

GenerateDataKeyRequest is undocumented.

type GenerateDataKeyResponse

// GenerateDataKeyResponse is returned by (*KMS).GenerateDataKey. It carries
// the data key twice: as Plaintext and as CiphertextBlob, presumably the
// copy wrapped by the customer master key.
type GenerateDataKeyResponse struct {
	// CiphertextBlob is the form to persist alongside the encrypted data.
	CiphertextBlob []byte          `json:"CiphertextBlob,omitempty"`
	KeyID          aws.StringValue `json:"KeyId,omitempty"`
	// Plaintext is raw key material. Never store or log it; use it in
	// memory only and overwrite the slice when done.
	Plaintext      []byte          `json:"Plaintext,omitempty"`
}

GenerateDataKeyResponse is undocumented.

type GenerateDataKeyWithoutPlaintextRequest

// GenerateDataKeyWithoutPlaintextRequest is the argument to
// (*KMS).GenerateDataKeyWithoutPlaintext. It has the same fields as
// GenerateDataKeyRequest.
type GenerateDataKeyWithoutPlaintextRequest struct {
	// NOTE(review): presumably bound to the returned CiphertextBlob and
	// required again when it is decrypted; not secret. Verify.
	EncryptionContext map[string]string `json:"EncryptionContext,omitempty"`
	GrantTokens       []string          `json:"GrantTokens,omitempty"`
	KeyID             aws.StringValue   `json:"KeyId"`
	KeySpec           aws.StringValue   `json:"KeySpec,omitempty"`
	NumberOfBytes     aws.IntegerValue  `json:"NumberOfBytes,omitempty"`
}

GenerateDataKeyWithoutPlaintextRequest is undocumented.

type GenerateDataKeyWithoutPlaintextResponse

// GenerateDataKeyWithoutPlaintextResponse is returned by
// (*KMS).GenerateDataKeyWithoutPlaintext. Unlike GenerateDataKeyResponse it
// has no Plaintext field, so a component that only stores keys for later
// use never holds raw key material.
type GenerateDataKeyWithoutPlaintextResponse struct {
	CiphertextBlob []byte          `json:"CiphertextBlob,omitempty"`
	KeyID          aws.StringValue `json:"KeyId,omitempty"`
}

GenerateDataKeyWithoutPlaintextResponse is undocumented.

type GenerateRandomRequest

// GenerateRandomRequest is the argument to (*KMS).GenerateRandom.
// NumberOfBytes is tagged omitempty; presumably it is the length of the
// random output requested (confirm against the service API).
type GenerateRandomRequest struct {
	NumberOfBytes aws.IntegerValue `json:"NumberOfBytes,omitempty"`
}

GenerateRandomRequest is undocumented.

type GenerateRandomResponse

// GenerateRandomResponse is returned by (*KMS).GenerateRandom.
type GenerateRandomResponse struct {
	// Plaintext presumably holds the generated random bytes. If they are
	// used as key material or tokens, handle them as secrets and keep them
	// out of logs.
	Plaintext []byte `json:"Plaintext,omitempty"`
}

GenerateRandomResponse is undocumented.

type GetKeyPolicyRequest

// GetKeyPolicyRequest is the argument to (*KMS).GetKeyPolicy. Both fields
// are tagged without omitempty. PolicyName presumably comes from
// ListKeyPoliciesResponse.PolicyNames.
type GetKeyPolicyRequest struct {
	KeyID      aws.StringValue `json:"KeyId"`
	PolicyName aws.StringValue `json:"PolicyName"`
}

GetKeyPolicyRequest is undocumented.

type GetKeyPolicyResponse

// GetKeyPolicyResponse is returned by (*KMS).GetKeyPolicy. Policy is a
// string value; presumably the policy document text (format not shown here).
type GetKeyPolicyResponse struct {
	Policy aws.StringValue `json:"Policy,omitempty"`
}

GetKeyPolicyResponse is undocumented.

type GetKeyRotationStatusRequest

// GetKeyRotationStatusRequest is the argument to
// (*KMS).GetKeyRotationStatus and names the key to query.
type GetKeyRotationStatusRequest struct {
	KeyID aws.StringValue `json:"KeyId"`
}

GetKeyRotationStatusRequest is undocumented.

type GetKeyRotationStatusResponse

// GetKeyRotationStatusResponse is returned by (*KMS).GetKeyRotationStatus.
// KeyRotationEnabled indicates whether rotation is enabled for the key.
// NOTE(review): the field is an aws.BooleanValue tagged omitempty; whether
// an absent value can be distinguished from false is not shown here.
type GetKeyRotationStatusResponse struct {
	KeyRotationEnabled aws.BooleanValue `json:"KeyRotationEnabled,omitempty"`
}

GetKeyRotationStatusResponse is undocumented.

type GrantConstraints

// GrantConstraints is referenced by CreateGrantRequest.Constraints and
// GrantListEntry.Constraints.
//
// NOTE(review): the field names suggest a grant can be limited to requests
// whose encryption context equals, or contains, the given pairs. The exact
// matching rules are not shown on this page; verify before relying on them
// as an access control.
type GrantConstraints struct {
	EncryptionContextEquals map[string]string `json:"EncryptionContextEquals,omitempty"`
	EncryptionContextSubset map[string]string `json:"EncryptionContextSubset,omitempty"`
}

GrantConstraints is undocumented.

type GrantListEntry

// GrantListEntry is the element type of ListGrantsResponse.Grants. It
// mirrors the fields of CreateGrantRequest and adds GrantID and
// IssuingAccount, which makes it the record to review when auditing who
// holds access to a key and for which operations.
type GrantListEntry struct {
	Constraints       *GrantConstraints `json:"Constraints,omitempty"`
	GrantID           aws.StringValue   `json:"GrantId,omitempty"`
	GranteePrincipal  aws.StringValue   `json:"GranteePrincipal,omitempty"`
	IssuingAccount    aws.StringValue   `json:"IssuingAccount,omitempty"`
	Operations        []string          `json:"Operations,omitempty"`
	RetiringPrincipal aws.StringValue   `json:"RetiringPrincipal,omitempty"`
}

GrantListEntry is undocumented.

type KMS

// KMS is a client for AWS Key Management Service. New constructs one from a
// credentials provider, a region and an *http.Client.
type KMS struct {
	// contains filtered or unexported fields
}

KMS is a client for AWS Key Management Service.

func New

func New(creds aws.CredentialsProvider, region string, client *http.Client) *KMS

New returns a new KMS client.

func (*KMS) CreateAlias

func (c *KMS) CreateAlias(req *CreateAliasRequest) (err error)

CreateAlias creates a display name for a customer master key. An alias can be used to identify a key and should be unique. The console enforces a one-to-one mapping between the alias and a key. An alias name can contain only alphanumeric characters, forward slashes, underscores, and dashes. An alias must start with the word "alias" followed by a forward slash (alias/). An alias that begins with "aws" after the forward slash (alias/aws...) is reserved by Amazon Web Services.

func (*KMS) CreateGrant

func (c *KMS) CreateGrant(req *CreateGrantRequest) (resp *CreateGrantResponse, err error)

CreateGrant adds a grant to a key to specify who can access the key and under what conditions. Grants are alternate permission mechanisms to key policies. If absent, access to the key is evaluated based on IAM policies attached to the user. By default, grants do not expire. Grants can be listed, retired, or revoked as indicated by the following APIs. Typically, when you are finished using a grant, you retire it. When you want to end a grant immediately, revoke it. For more information about grants, see Grants.

func (*KMS) CreateKey

func (c *KMS) CreateKey(req *CreateKeyRequest) (resp *CreateKeyResponse, err error)

CreateKey creates a customer master key. Customer master keys can be used to encrypt small amounts of data (less than 4K) directly, but they are most commonly used to encrypt or envelope data keys that are then used to encrypt customer data. For more information about data keys, see GenerateDataKey and GenerateDataKeyWithoutPlaintext.

func (*KMS) Decrypt

func (c *KMS) Decrypt(req *DecryptRequest) (resp *DecryptResponse, err error)

Decrypt decrypts ciphertext. Ciphertext is plaintext that has been previously encrypted by using the Encrypt function.

func (*KMS) DeleteAlias

func (c *KMS) DeleteAlias(req *DeleteAliasRequest) (err error)

DeleteAlias is undocumented.

func (*KMS) DescribeKey

func (c *KMS) DescribeKey(req *DescribeKeyRequest) (resp *DescribeKeyResponse, err error)

DescribeKey provides detailed information about the specified customer master key.

func (*KMS) DisableKey

func (c *KMS) DisableKey(req *DisableKeyRequest) (err error)

DisableKey marks a key as disabled, thereby preventing its use.

func (*KMS) DisableKeyRotation

func (c *KMS) DisableKeyRotation(req *DisableKeyRotationRequest) (err error)

DisableKeyRotation is undocumented.

func (*KMS) EnableKey

func (c *KMS) EnableKey(req *EnableKeyRequest) (err error)

EnableKey marks a key as enabled, thereby permitting its use. You can have up to 25 enabled keys at one time.

func (*KMS) EnableKeyRotation

func (c *KMS) EnableKeyRotation(req *EnableKeyRotationRequest) (err error)

EnableKeyRotation enables rotation of the specified customer master key.

func (*KMS) Encrypt

func (c *KMS) Encrypt(req *EncryptRequest) (resp *EncryptResponse, err error)

Encrypt encrypts plaintext into ciphertext by using a customer master key.

func (*KMS) GenerateDataKey

func (c *KMS) GenerateDataKey(req *GenerateDataKeyRequest) (resp *GenerateDataKeyResponse, err error)

GenerateDataKey generates a secure data key. Data keys are used to encrypt and decrypt data. They are wrapped by customer master keys.

func (*KMS) GenerateDataKeyWithoutPlaintext

func (c *KMS) GenerateDataKeyWithoutPlaintext(req *GenerateDataKeyWithoutPlaintextRequest) (resp *GenerateDataKeyWithoutPlaintextResponse, err error)

GenerateDataKeyWithoutPlaintext returns a key wrapped by a customer master key without the plaintext copy of that key. To retrieve the plaintext, see GenerateDataKey.

func (*KMS) GenerateRandom

func (c *KMS) GenerateRandom(req *GenerateRandomRequest) (resp *GenerateRandomResponse, err error)

GenerateRandom is undocumented.

func (*KMS) GetKeyPolicy

func (c *KMS) GetKeyPolicy(req *GetKeyPolicyRequest) (resp *GetKeyPolicyResponse, err error)

GetKeyPolicy is undocumented.

func (*KMS) GetKeyRotationStatus

func (c *KMS) GetKeyRotationStatus(req *GetKeyRotationStatusRequest) (resp *GetKeyRotationStatusResponse, err error)

GetKeyRotationStatus retrieves a Boolean value that indicates whether key rotation is enabled for the specified key.

func (*KMS) ListAliases

func (c *KMS) ListAliases(req *ListAliasesRequest) (resp *ListAliasesResponse, err error)

ListAliases is undocumented.

func (*KMS) ListGrants

func (c *KMS) ListGrants(req *ListGrantsRequest) (resp *ListGrantsResponse, err error)

ListGrants is undocumented.

func (*KMS) ListKeyPolicies

func (c *KMS) ListKeyPolicies(req *ListKeyPoliciesRequest) (resp *ListKeyPoliciesResponse, err error)

ListKeyPolicies is undocumented.

func (*KMS) ListKeys

func (c *KMS) ListKeys(req *ListKeysRequest) (resp *ListKeysResponse, err error)

ListKeys is undocumented.

func (*KMS) PutKeyPolicy

func (c *KMS) PutKeyPolicy(req *PutKeyPolicyRequest) (err error)

PutKeyPolicy is undocumented.

func (*KMS) ReEncrypt

func (c *KMS) ReEncrypt(req *ReEncryptRequest) (resp *ReEncryptResponse, err error)

ReEncrypt encrypts data on the server side with a new customer master key without exposing the plaintext of the data on the client side. The data is first decrypted and then encrypted. This operation can also be used to change the encryption context of a ciphertext.

func (*KMS) RetireGrant

func (c *KMS) RetireGrant(req *RetireGrantRequest) (err error)

RetireGrant retires a grant. You can retire a grant when you're done using it to clean up. You should revoke a grant when you intend to actively deny operations that depend on it.

func (*KMS) RevokeGrant

func (c *KMS) RevokeGrant(req *RevokeGrantRequest) (err error)

RevokeGrant revokes a grant. You can revoke a grant to actively deny operations that depend on it.

func (*KMS) UpdateKeyDescription

func (c *KMS) UpdateKeyDescription(req *UpdateKeyDescriptionRequest) (err error)

UpdateKeyDescription is undocumented.

type KMSAPI

// KMSAPI is the interface of the KMS client: it lists the same method set,
// with the same signatures, as the methods documented on *KMS. Code that
// depends on KMSAPI rather than *KMS can be exercised with a test double,
// so unit tests need no real keys or credentials.
type KMSAPI interface {
	CreateAlias(req *CreateAliasRequest) (err error)
	CreateGrant(req *CreateGrantRequest) (resp *CreateGrantResponse, err error)
	CreateKey(req *CreateKeyRequest) (resp *CreateKeyResponse, err error)
	Decrypt(req *DecryptRequest) (resp *DecryptResponse, err error)
	DeleteAlias(req *DeleteAliasRequest) (err error)
	DescribeKey(req *DescribeKeyRequest) (resp *DescribeKeyResponse, err error)
	DisableKey(req *DisableKeyRequest) (err error)
	DisableKeyRotation(req *DisableKeyRotationRequest) (err error)
	EnableKey(req *EnableKeyRequest) (err error)
	EnableKeyRotation(req *EnableKeyRotationRequest) (err error)
	Encrypt(req *EncryptRequest) (resp *EncryptResponse, err error)
	GenerateDataKey(req *GenerateDataKeyRequest) (resp *GenerateDataKeyResponse, err error)
	GenerateDataKeyWithoutPlaintext(req *GenerateDataKeyWithoutPlaintextRequest) (resp *GenerateDataKeyWithoutPlaintextResponse, err error)
	GenerateRandom(req *GenerateRandomRequest) (resp *GenerateRandomResponse, err error)
	GetKeyPolicy(req *GetKeyPolicyRequest) (resp *GetKeyPolicyResponse, err error)
	GetKeyRotationStatus(req *GetKeyRotationStatusRequest) (resp *GetKeyRotationStatusResponse, err error)
	ListAliases(req *ListAliasesRequest) (resp *ListAliasesResponse, err error)
	ListGrants(req *ListGrantsRequest) (resp *ListGrantsResponse, err error)
	ListKeyPolicies(req *ListKeyPoliciesRequest) (resp *ListKeyPoliciesResponse, err error)
	ListKeys(req *ListKeysRequest) (resp *ListKeysResponse, err error)
	PutKeyPolicy(req *PutKeyPolicyRequest) (err error)
	ReEncrypt(req *ReEncryptRequest) (resp *ReEncryptResponse, err error)
	RetireGrant(req *RetireGrantRequest) (err error)
	RevokeGrant(req *RevokeGrantRequest) (err error)
	UpdateKeyDescription(req *UpdateKeyDescriptionRequest) (err error)
}

type KeyListEntry

// KeyListEntry is the element type of ListKeysResponse.Keys. It carries a
// key ARN and a key ID, both tagged omitempty.
type KeyListEntry struct {
	KeyARN aws.StringValue `json:"KeyArn,omitempty"`
	KeyID  aws.StringValue `json:"KeyId,omitempty"`
}

KeyListEntry is undocumented.

type KeyMetadata

// KeyMetadata describes a customer master key. It is returned inside
// CreateKeyResponse and DescribeKeyResponse. It holds identifiers and state
// only; no field here carries key material.
type KeyMetadata struct {
	AWSAccountID aws.StringValue  `json:"AWSAccountId,omitempty"`
	ARN          aws.StringValue  `json:"Arn,omitempty"`
	CreationDate time.Time        `json:"CreationDate,omitempty"`
	Description  aws.StringValue  `json:"Description,omitempty"`
	// Enabled presumably reflects the state set by EnableKey / DisableKey.
	Enabled      aws.BooleanValue `json:"Enabled,omitempty"`
	// KeyID is the only field tagged without omitempty.
	KeyID        aws.StringValue  `json:"KeyId"`
	KeyUsage     aws.StringValue  `json:"KeyUsage,omitempty"`
}

KeyMetadata is undocumented.

type ListAliasesRequest

// ListAliasesRequest is the argument to (*KMS).ListAliases. Limit and Marker
// are optional; presumably Marker takes the NextMarker of the previous
// response to continue a listing (confirm against the service API).
type ListAliasesRequest struct {
	Limit  aws.IntegerValue `json:"Limit,omitempty"`
	Marker aws.StringValue  `json:"Marker,omitempty"`
}

ListAliasesRequest is undocumented.

type ListAliasesResponse

// ListAliasesResponse is returned by (*KMS).ListAliases.
// NOTE(review): Truncated and NextMarker indicate a paged result. An
// inventory or audit that reads only the first response may be incomplete;
// presumably callers must keep requesting with NextMarker while Truncated
// is set.
type ListAliasesResponse struct {
	Aliases    []AliasListEntry `json:"Aliases,omitempty"`
	NextMarker aws.StringValue  `json:"NextMarker,omitempty"`
	Truncated  aws.BooleanValue `json:"Truncated,omitempty"`
}

ListAliasesResponse is undocumented.

type ListGrantsRequest

// ListGrantsRequest is the argument to (*KMS).ListGrants. KeyID is tagged
// without omitempty, so grants are listed per key; Limit and Marker are
// optional paging controls.
type ListGrantsRequest struct {
	KeyID  aws.StringValue  `json:"KeyId"`
	Limit  aws.IntegerValue `json:"Limit,omitempty"`
	Marker aws.StringValue  `json:"Marker,omitempty"`
}

ListGrantsRequest is undocumented.

type ListGrantsResponse

// ListGrantsResponse is returned by (*KMS).ListGrants.
// NOTE(review): Truncated and NextMarker indicate a paged result. When
// reviewing who holds grants on a key, presumably callers must keep
// requesting with NextMarker while Truncated is set, or grants on later
// pages go unseen.
type ListGrantsResponse struct {
	Grants     []GrantListEntry `json:"Grants,omitempty"`
	NextMarker aws.StringValue  `json:"NextMarker,omitempty"`
	Truncated  aws.BooleanValue `json:"Truncated,omitempty"`
}

ListGrantsResponse is undocumented.

type ListKeyPoliciesRequest

// ListKeyPoliciesRequest is the argument to (*KMS).ListKeyPolicies. KeyID is
// tagged without omitempty; Limit and Marker are optional paging controls.
type ListKeyPoliciesRequest struct {
	KeyID  aws.StringValue  `json:"KeyId"`
	Limit  aws.IntegerValue `json:"Limit,omitempty"`
	Marker aws.StringValue  `json:"Marker,omitempty"`
}

ListKeyPoliciesRequest is undocumented.

type ListKeyPoliciesResponse

// ListKeyPoliciesResponse is returned by (*KMS).ListKeyPolicies. PolicyNames
// holds names only; the policy text is fetched with GetKeyPolicy. Truncated
// and NextMarker indicate a paged result.
type ListKeyPoliciesResponse struct {
	NextMarker  aws.StringValue  `json:"NextMarker,omitempty"`
	PolicyNames []string         `json:"PolicyNames,omitempty"`
	Truncated   aws.BooleanValue `json:"Truncated,omitempty"`
}

ListKeyPoliciesResponse is undocumented.

type ListKeysRequest

// ListKeysRequest is the argument to (*KMS).ListKeys. Limit and Marker are
// optional; presumably Marker takes the NextMarker of the previous response
// to continue a listing (confirm against the service API).
type ListKeysRequest struct {
	Limit  aws.IntegerValue `json:"Limit,omitempty"`
	Marker aws.StringValue  `json:"Marker,omitempty"`
}

ListKeysRequest is undocumented.

type ListKeysResponse

// ListKeysResponse is returned by (*KMS).ListKeys.
// NOTE(review): Truncated and NextMarker indicate a paged result. A key
// inventory built from the first response alone may be incomplete;
// presumably callers must keep requesting with NextMarker while Truncated
// is set.
type ListKeysResponse struct {
	Keys       []KeyListEntry   `json:"Keys,omitempty"`
	NextMarker aws.StringValue  `json:"NextMarker,omitempty"`
	Truncated  aws.BooleanValue `json:"Truncated,omitempty"`
}

ListKeysResponse is undocumented.

type PutKeyPolicyRequest

// PutKeyPolicyRequest is the argument to (*KMS).PutKeyPolicy. All three
// fields are tagged without omitempty.
//
// NOTE(review): this changes who may use or administer the key. Presumably
// the supplied Policy replaces the named policy as a whole; review the
// document for over-broad principals and for statements that would remove
// the caller's own administrative access before sending it.
type PutKeyPolicyRequest struct {
	KeyID      aws.StringValue `json:"KeyId"`
	Policy     aws.StringValue `json:"Policy"`
	PolicyName aws.StringValue `json:"PolicyName"`
}

PutKeyPolicyRequest is undocumented.

type ReEncryptRequest

// ReEncryptRequest is the argument to (*KMS).ReEncrypt, which re-encrypts
// a ciphertext under a new customer master key on the server side, without
// exposing the plaintext to the client, and can also change the encryption
// context of a ciphertext.
type ReEncryptRequest struct {
	CiphertextBlob               []byte            `json:"CiphertextBlob"`
	// DestinationEncryptionContext presumably becomes the context of the new
	// ciphertext; SourceEncryptionContext presumably must match the context
	// of the existing one. Confirm against the service API.
	DestinationEncryptionContext map[string]string `json:"DestinationEncryptionContext,omitempty"`
	DestinationKeyID             aws.StringValue   `json:"DestinationKeyId"`
	GrantTokens                  []string          `json:"GrantTokens,omitempty"`
	SourceEncryptionContext      map[string]string `json:"SourceEncryptionContext,omitempty"`
}

ReEncryptRequest is undocumented.

type ReEncryptResponse

// ReEncryptResponse is returned by (*KMS).ReEncrypt. It has no Plaintext
// field. KeyID and SourceKeyID presumably identify the destination and
// original keys respectively (confirm against the service API).
type ReEncryptResponse struct {
	CiphertextBlob []byte          `json:"CiphertextBlob,omitempty"`
	KeyID          aws.StringValue `json:"KeyId,omitempty"`
	SourceKeyID    aws.StringValue `json:"SourceKeyId,omitempty"`
}

ReEncryptResponse is undocumented.

type RetireGrantRequest

// RetireGrantRequest is the argument to (*KMS).RetireGrant. It identifies
// the grant by GrantToken alone, the value CreateGrantResponse returns. Per
// the method documentation, retiring is the clean-up path; use RevokeGrant
// to actively deny operations that depend on a grant.
type RetireGrantRequest struct {
	GrantToken aws.StringValue `json:"GrantToken"`
}

RetireGrantRequest is undocumented.

type RevokeGrantRequest

// RevokeGrantRequest is the argument to (*KMS).RevokeGrant, which revokes a
// grant to actively deny operations that depend on it. The grant is
// identified by GrantID together with KeyID; both are tagged without
// omitempty.
type RevokeGrantRequest struct {
	GrantID aws.StringValue `json:"GrantId"`
	KeyID   aws.StringValue `json:"KeyId"`
}

RevokeGrantRequest is undocumented.

type UpdateKeyDescriptionRequest

// UpdateKeyDescriptionRequest is the argument to
// (*KMS).UpdateKeyDescription. Both fields are tagged without omitempty.
// Description is free text that KeyMetadata also exposes, so it should not
// contain secrets.
type UpdateKeyDescriptionRequest struct {
	Description aws.StringValue `json:"Description"`
	KeyID       aws.StringValue `json:"KeyId"`
}

UpdateKeyDescriptionRequest is undocumented.
