2021-03-22 16:29:47 +00:00
|
|
|
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
|
|
|
|
|
|
|
// Package kms provides the client and types for making API
|
|
|
|
// requests to AWS Key Management Service.
|
|
|
|
//
|
2021-09-01 13:20:44 +00:00
|
|
|
// Key Management Service (KMS) is an encryption and key management web service.
|
|
|
|
// This guide describes the KMS operations that you can call programmatically.
|
|
|
|
// For general information about KMS, see the Key Management Service Developer
|
|
|
|
// Guide (https://docs.aws.amazon.com/kms/latest/developerguide/).
|
|
|
|
//
|
2023-01-04 17:04:56 +00:00
|
|
|
// KMS has replaced the term customer master key (CMK) with KMS key and KMS
|
2021-09-01 13:20:44 +00:00
|
|
|
// key. The concept has not changed. To prevent breaking changes, KMS is keeping
|
|
|
|
// some variations of this term.
|
|
|
|
//
|
|
|
|
// Amazon Web Services provides SDKs that consist of libraries and sample code
|
|
|
|
// for various programming languages and platforms (Java, Ruby, .Net, macOS,
|
|
|
|
// Android, etc.). The SDKs provide a convenient way to create programmatic
|
|
|
|
// access to KMS and other Amazon Web Services services. For example, the SDKs
|
|
|
|
// take care of tasks such as signing requests (see below), managing errors,
|
|
|
|
// and retrying requests automatically. For more information about the Amazon
|
|
|
|
// Web Services SDKs, including how to download and install them, see Tools
|
|
|
|
// for Amazon Web Services (http://aws.amazon.com/tools/).
|
|
|
|
//
|
|
|
|
// We recommend that you use the Amazon Web Services SDKs to make programmatic
|
|
|
|
// API calls to KMS.
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-04-26 04:57:37 +00:00
|
|
|
// If you need to use FIPS 140-2 validated cryptographic modules when communicating
|
|
|
|
// with Amazon Web Services, use the FIPS endpoint in your preferred Amazon
|
|
|
|
// Web Services Region. For more information about the available FIPS endpoints,
|
|
|
|
// see Service endpoints (https://docs.aws.amazon.com/general/latest/gr/kms.html#kms_region)
|
|
|
|
// in the Key Management Service topic of the Amazon Web Services General Reference.
|
|
|
|
//
|
2022-05-18 05:37:10 +00:00
|
|
|
// All KMS API calls must be signed and be transmitted using Transport Layer
|
|
|
|
// Security (TLS). KMS recommends you always use the latest supported TLS version.
|
|
|
|
// Clients must also support cipher suites with Perfect Forward Secrecy (PFS)
|
|
|
|
// such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman
|
|
|
|
// (ECDHE). Most modern systems such as Java 7 and later support these modes.
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// # Signing Requests
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2023-03-13 21:04:04 +00:00
|
|
|
// Requests must be signed using an access key ID and a secret access key. We
|
|
|
|
// strongly recommend that you do not use your Amazon Web Services account root
|
|
|
|
// access key ID and secret access key for everyday work. You can use the access
|
|
|
|
// key ID and secret access key for an IAM user or you can use the Security
|
|
|
|
// Token Service (STS) to generate temporary security credentials and use those
|
|
|
|
// to sign requests.
|
|
|
|
//
|
|
|
|
// All KMS requests must be signed with Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// # Logging API Requests
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2021-09-01 13:20:44 +00:00
|
|
|
// KMS supports CloudTrail, a service that logs Amazon Web Services API calls
|
|
|
|
// and related events for your Amazon Web Services account and delivers them
|
|
|
|
// to an Amazon S3 bucket that you specify. By using the information collected
|
|
|
|
// by CloudTrail, you can determine what requests were made to KMS, who made
|
|
|
|
// the request, when it was made, and so on. To learn more about CloudTrail,
|
|
|
|
// including how to turn it on and find your log files, see the CloudTrail User
|
|
|
|
// Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/).
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// # Additional Resources
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
|
|
|
// For more information about credentials and request signing, see the following:
|
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - Amazon Web Services Security Credentials (https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html)
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - This topic provides general information about the types of credentials
|
|
|
|
// used to access Amazon Web Services.
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html)
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - This section of the IAM User Guide describes how to create and use temporary
|
|
|
|
// security credentials.
|
|
|
|
//
|
|
|
|
// - Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
|
|
|
|
//
|
|
|
|
// - This set of topics walks you through the process of signing a request
|
|
|
|
// using an access key ID and a secret access key.
|
|
|
|
//
|
|
|
|
// # Commonly Used API Operations
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
|
|
|
// Of the API operations discussed in this guide, the following will prove the
|
|
|
|
// most useful for most applications. You will likely perform operations other
|
|
|
|
// than these, such as creating keys and assigning policies, by using the console.
|
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - Encrypt
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - Decrypt
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - GenerateDataKey
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// - GenerateDataKeyWithoutPlaintext
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
|
|
|
// See https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01 for more information on this service.
|
|
|
|
//
|
|
|
|
// See kms package documentation for more information.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/kms/
|
|
|
|
//
|
2022-08-22 20:13:17 +00:00
|
|
|
// # Using the Client
|
2021-03-22 16:29:47 +00:00
|
|
|
//
|
|
|
|
// To contact AWS Key Management Service with the SDK use the New function to create
|
|
|
|
// a new service client. With that client you can make API requests to the service.
|
|
|
|
// These clients are safe to use concurrently.
|
|
|
|
//
|
|
|
|
// See the SDK's documentation for more information on how to use the SDK.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/
|
|
|
|
//
|
|
|
|
// See aws.Config documentation for more information on configuring SDK clients.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
|
|
|
|
//
|
|
|
|
// See the AWS Key Management Service client KMS for more
|
|
|
|
// information on creating client for this service.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/kms/#New
|
|
|
|
package kms
|