如何在AWS Lambda中使用AWS KMS [英] How to use AWS KMS in AWS lambda

问题描述

我刚刚开始使用AWS服务，尤其是AWS Lambda.有没有一种方法可以在Lambda代码(Java)中使用AWS KMS服务.我想使用KMS解密加密的外部化(从属性读取)机密.我的Lambda代码在Java中.预先感谢.

I've just started to work with AWS services, particularly AWS Lambda. Is there a way to use AWS KMS service from within Lambda code (Java). I'd like to use KMS to decrypt an encrypted externalized (read from a property) secret. My Lambda code is in java. Thanks in advance.

推荐答案

在Python中:

with open('encrypted_pem.txt', 'r') as encrypted_pem:
    pem_file = encrypted_pem.read()

kms = boto3.client('kms', region_name=REGION)
return kms.decrypt(CiphertextBlob=b64decode(pem_file))['Plaintext']

来自 AWS实验室厨师清理源.

该存储库的自述文件首先说明了如何使用AWS KMS CLI加密PEM文件.

The README of that repo explains how to encrypt the PEM file in the first place using the AWS KMS CLI.

这篇关于如何在AWS Lambda中使用AWS KMS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！