Created
July 21, 2020 14:56
-
-
Save dazld/24c69165041d89c97ddc81e14e78e664 to your computer and use it in GitHub Desktop.
KMS encryption / decryption example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| KEY_ID=arn:aws:kms:eu-central-1:ef96e7f3:key/ef96e7f3-d6f1-4e69-8444-55d90ca3fa25 | |
| .PHONY: encrypt-text | |
| encrypt-text: ## encrypt text in format make SECRET_TEXT=foo encrypt-text into a binary that can be piped to a file | |
| @aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_TEXT} --query CiphertextBlob --output text | base64 --decode | |
| .PHONY: decrypt-text | |
| decrypt-text: ## decrypt an encrypted binary via make SECRET_BINARY=some_file.bin decrypt-text into plaintext std output | |
| @aws kms decrypt --ciphertext-blob fileb://`pwd`/${SECRET_BINARY} --query Plaintext --output text | base64 --decode |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment