Skip to content

Instantly share code, notes, and snippets.

@smd877
Created July 5, 2021 05:59
Show Gist options
  • Save smd877/11c3e89f89d1b3f26c835b8d36dddabe to your computer and use it in GitHub Desktop.
Save smd877/11c3e89f89d1b3f26c835b8d36dddabe to your computer and use it in GitHub Desktop.
AWS LambdaのKMS復号化をローカル環境で行うサンプル
import boto3
from base64 import b64encode, b64decode
AWS_KEY = 'ここにアクセスキーID'
AWS_SECRET = 'ここにシークレットアクセスキー'
AWS_LAMBDA_FUNCTION_NAME = 'ここにlambda関数名'
ENCRYPTED = 'lambda環境変数の暗号化済みの値'
kms = boto3.client(
'kms',
region_name = 'ap-northeast-1',
aws_access_key_id = AWS_KEY,
aws_secret_access_key = AWS_SECRET,
)
DECRYPTED = kms.decrypt(
CiphertextBlob=b64decode(ENCRYPTED),
EncryptionContext={'LambdaFunctionName': AWS_LAMBDA_FUNCTION_NAME}
)['Plaintext'].decode('utf-8')
print('DECRYPTED : {}'.format(DECRYPTED))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment