Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
kms encrypt decrypt
#!/usr/bin/env bash
if [ -z ${KMS_KEY_ID} ]; then
echo "KMS_KEY_ID unset! Exiting";
exit 1
fi
aws kms encrypt --key-id $KMS_KEY_ID --plaintext "hello" --output text --query CiphertextBlob > output.kms.yml
encrypted=$(<output.kms.yml)
echo "Encrypted: $encrypted"
echo "Decrypted: $(aws kms decrypt --ciphertext-blob fileb://<(echo $encrypted | base64 -D) --query Plaintext --output text | base64 -D)"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.