Stack Overflow
Stack Overflow

Questions tagged [amazon-kms]

AWS Key Management Service (KMS) is an encryption and key management service scaled for the cloud. KMS keys and functionality are used by other AWS services, and you can use them to protect data in your own applications that use AWS.

AWS Key Management Service (KMS) is an encryption and key management service scaled for the cloud. KMS keys and functionality are used by other AWS services, and you can use them to protect data in your own applications that use AWS.

704 questions
0
votes
0 answers

Cannot create encryption key with cloudformation

I am trying to create my Encryption key with cloudformation. So just to test I have a very simple one as follow: { "AWSTemplateFormatVersion": "2010-09-09", "Description": "Creates a KMS key and attaches a policy similar to the default policy. Also,…
Hamed Minaee
  • 2,480
  • 4
  • 35
  • 63
0
votes
0 answers

Python Crypto decoding

i try to encrypt and then decrypt text with Crypto and AWS KMS on Python, i have this code : import base64 import boto3 from Crypto.Cipher import AES PAD = lambda s: s + (256 - len(s) % 256) * ' ' def get_arn(aws_data): return…
Андрей Ка
  • 756
  • 4
  • 14
  • 33
0
votes
1 answer

AWS encrypt TypeError: can't concat str to bytes

i try to write a code , whom encrypt my data , then i try to execute me code i get an error: import base64 import boto3 from Crypto.Cipher import AES PAD = lambda s: s + (32 - len(s) % 32) * ' ' def get_arn(aws_data): return…
Андрей Ка
  • 756
  • 4
  • 14
  • 33
0
votes
1 answer

aws cli: aws kms encrypt/decrypt using powershell

I'm trying to encrypt and decrypt content with the aws cli on powershell (not the powershell specific one but the standard one) Here is my way to do it and that seems closer to the truth: $input = "foo" $file_path = "$(pwd)\file" $region =…
Thibault Deheurles
  • 1,211
  • 13
  • 21
0
votes
1 answer

Decrypt input parameter in Lambda function in AWS Codepipeline

I built a CodePipeline with a CodeBuild step that generates as output a file "build.json" with a single line tag information. This file is the input for a next Lambda step in the Codepipeline. The Lambda function wants to read the tag information…
Sam
  • 1
  • 2
0
votes
1 answer

Copy to redshift fails with an error when using KMS Managed CMK

I am trying to write a java program which encrypts data using KMS key id. I am using the default java code for uploading an object to S3. I am changing the values to be uploaded to S3 to be a records so that I can use load it to redshift. import…
hadooper
  • 726
  • 1
  • 6
  • 18
0
votes
1 answer

Tracking AWS KMS activities

Is there a way to track or log what AWS KMS is using which key for which purposes. I noticed that in some accounts that we do not use KMS, there are still KMS activities in the billing. In fact, there are activities in every region. While these…
kenchew
  • 324
  • 5
  • 17
0
votes
0 answers

AWS KMS - Plaintext Key length wrong in Java, how to count it right?

I am creating a data key under a master key on AWS KMS, I am converting the plaintext bytebuffer into string, but the length of this string is reported inconsistent, it's never 32 (for example using the SHA 256 key spec).
Mahesh H Viraktamath
  • 818
  • 3
  • 14
  • 34
0
votes
1 answer

Restricting AWS API key to access KMS from only EB Environment or VPC

I want to restrict an API key to work only from within my Elastic Beanstalk environment. I tried to use a VPC condition, but this doesn't work, and the docs say it is not always available (so I guess not in EB). I got it working, to a degree, by…
Paul
  • 578
  • 1
  • 8
  • 23
0
votes
1 answer

Can I use AWS KMS encryption for client side encryption in Android?

There is no method for KMS encryption in Android AWS SDK. On the server side we use KMSEncryptionMaterialsProvider to create AmazonS3EncryptionClient object, but this class is not available in Android SDK. I tried using the Java SDK in my Android…
Paxcel Labs
  • 1
  • 2
0
votes
0 answers

boto3 key error for S3 with correct key and algorithm

I have the following module: def get_details(N, bucket_path): s3 = boto3.resource('s3') files = recent_N(str(N), bucket_path) bucket = s3.Bucket(bucket_path) for obj in bucket.objects.all(): key = obj.key if key in…
Dawny33
  • 10,543
  • 21
  • 82
  • 134
0
votes
0 answers

Encrypt plain text passwords and other sensitive information using AWS KMS

I need to encrypt plain text passwords and other sensitive information using AWS KMSin nodejs server. Is it possible with AWS KMS. I am new to AWS KMS i don't have much info about AWS KMS. Please suggest solution for this. Thanks
Team
  • 347
  • 1
  • 5
  • 16
0
votes
1 answer

Presto S3 AccessDenied when inserting data into KMS encryption enforced bucket

I have a bucket on AWS s3 that enforces all object to be KMS encrypted. I'm running Presto on emr-5.2.1 I have external table on s3 (no data). When I'm using INSERT INTO hive.s3.new_table SELECT * FROM src_table I'm getting AccessDenied error.…
KonradK
  • 1
  • 4
0
votes
2 answers

How to encrypt data in S3 from EMR without the need to mention sse and key-id in request header?

I have created up an EMR cluster with Amazon S3 SSE-S3 Enabled. Also I configured fs.s3.enableServerSideEncryption = true fs.s3.serverSideEncryption.kms.keyId = key-id in emrfs-site.xml I am writing my data as follows to s3 aws s3 cp…
Sanket_patil
  • 301
  • 1
  • 10
0
votes
1 answer

What is the best practice for storing sensitive env vars using AWS Lambda?

My AWS Lambda function needs to be populated with env vars that contain sensitive values, like a master db password. The new env vars feature of Lambda makes this super-simple. But it's a little fuzzy as to what the best practice is, or how to go…
AJB
  • 7,389
  • 14
  • 57
  • 88
1 2 3
46
47