2017-10-06 00:08:03 +03:00
|
|
|
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
|
|
|
|
|
|
|
// Package kms provides the client and types for making API
|
|
|
|
// requests to AWS Key Management Service.
|
|
|
|
//
|
|
|
|
// AWS Key Management Service (AWS KMS) is an encryption and key management
|
|
|
|
// web service. This guide describes the AWS KMS operations that you can call
|
|
|
|
// programmatically. For general information about AWS KMS, see the AWS Key
|
|
|
|
// Management Service Developer Guide (http://docs.aws.amazon.com/kms/latest/developerguide/).
|
|
|
|
//
|
|
|
|
// AWS provides SDKs that consist of libraries and sample code for various programming
|
2019-03-11 19:18:55 +03:00
|
|
|
// languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs
|
2017-10-06 00:08:03 +03:00
|
|
|
// provide a convenient way to create programmatic access to AWS KMS and other
|
|
|
|
// AWS services. For example, the SDKs take care of tasks such as signing requests
|
|
|
|
// (see below), managing errors, and retrying requests automatically. For more
|
|
|
|
// information about the AWS SDKs, including how to download and install them,
|
|
|
|
// see Tools for Amazon Web Services (http://aws.amazon.com/tools/).
|
|
|
|
//
|
|
|
|
// We recommend that you use the AWS SDKs to make programmatic API calls to
|
|
|
|
// AWS KMS.
|
|
|
|
//
|
|
|
|
// Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS
|
|
|
|
// 1.2. Clients must also support cipher suites with Perfect Forward Secrecy
|
|
|
|
// (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral
|
|
|
|
// Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support
|
|
|
|
// these modes.
|
|
|
|
//
|
|
|
|
// Signing Requests
|
|
|
|
//
|
|
|
|
// Requests must be signed by using an access key ID and a secret access key.
|
|
|
|
// We strongly recommend that you do not use your AWS account (root) access
|
|
|
|
// key ID and secret key for everyday work with AWS KMS. Instead, use the access
|
|
|
|
// key ID and secret access key for an IAM user, or you can use the AWS Security
|
|
|
|
// Token Service to generate temporary security credentials that you can use
|
|
|
|
// to sign requests.
|
|
|
|
//
|
|
|
|
// All AWS KMS operations require Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
|
|
|
|
//
|
|
|
|
// Logging API Requests
|
|
|
|
//
|
|
|
|
// AWS KMS supports AWS CloudTrail, a service that logs AWS API calls and related
|
|
|
|
// events for your AWS account and delivers them to an Amazon S3 bucket that
|
|
|
|
// you specify. By using the information collected by CloudTrail, you can determine
|
|
|
|
// what requests were made to AWS KMS, who made the request, when it was made,
|
|
|
|
// and so on. To learn more about CloudTrail, including how to turn it on and
|
|
|
|
// find your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/).
|
|
|
|
//
|
|
|
|
// Additional Resources
|
|
|
|
//
|
|
|
|
// For more information about credentials and request signing, see the following:
|
|
|
|
//
|
|
|
|
// * AWS Security Credentials (http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html)
|
2019-03-11 19:18:55 +03:00
|
|
|
// - This topic provides general information about the of credentials used
|
|
|
|
// for accessing AWS.
|
2017-10-06 00:08:03 +03:00
|
|
|
//
|
|
|
|
// * Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html)
|
|
|
|
// - This section of the IAM User Guide describes how to create and use temporary
|
|
|
|
// security credentials.
|
|
|
|
//
|
|
|
|
// * Signature Version 4 Signing Process (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
|
|
|
|
// - This set of topics walks you through the process of signing a request
|
|
|
|
// using an access key ID and a secret access key.
|
|
|
|
//
|
|
|
|
// Commonly Used APIs
|
|
|
|
//
|
|
|
|
// Of the APIs discussed in this guide, the following will prove the most useful
|
|
|
|
// for most applications. You will likely perform actions other than these,
|
|
|
|
// such as creating keys and assigning policies, by using the console.
|
|
|
|
//
|
|
|
|
// * Encrypt
|
|
|
|
//
|
|
|
|
// * Decrypt
|
|
|
|
//
|
|
|
|
// * GenerateDataKey
|
|
|
|
//
|
|
|
|
// * GenerateDataKeyWithoutPlaintext
|
|
|
|
//
|
|
|
|
// See https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01 for more information on this service.
|
|
|
|
//
|
|
|
|
// See kms package documentation for more information.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/kms/
|
|
|
|
//
|
|
|
|
// Using the Client
|
|
|
|
//
|
2019-03-11 19:18:55 +03:00
|
|
|
// To contact AWS Key Management Service with the SDK use the New function to create
|
2017-10-06 00:08:03 +03:00
|
|
|
// a new service client. With that client you can make API requests to the service.
|
|
|
|
// These clients are safe to use concurrently.
|
|
|
|
//
|
|
|
|
// See the SDK's documentation for more information on how to use the SDK.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/
|
|
|
|
//
|
|
|
|
// See aws.Config documentation for more information on configuring SDK clients.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
|
|
|
|
//
|
|
|
|
// See the AWS Key Management Service client KMS for more
|
|
|
|
// information on creating client for this service.
|
|
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/kms/#New
|
|
|
|
package kms
|