150 lines
6.7 KiB
Go
150 lines
6.7 KiB
Go
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
|
|
|
// Package kms provides the client and types for making API
|
|
// requests to AWS Key Management Service.
|
|
//
|
|
// AWS Key Management Service (AWS KMS) is an encryption and key management
|
|
// web service. This guide describes the AWS KMS operations that you can call
|
|
// programmatically. For general information about AWS KMS, see the AWS Key
|
|
// Management Service Developer Guide (http://docs.aws.amazon.com/kms/latest/developerguide/).
|
|
//
|
|
// AWS provides SDKs that consist of libraries and sample code for various programming
|
|
// languages and platforms (Java, Ruby, .Net, iOS, Android, etc.). The SDKs
|
|
// provide a convenient way to create programmatic access to AWS KMS and other
|
|
// AWS services. For example, the SDKs take care of tasks such as signing requests
|
|
// (see below), managing errors, and retrying requests automatically. For more
|
|
// information about the AWS SDKs, including how to download and install them,
|
|
// see Tools for Amazon Web Services (http://aws.amazon.com/tools/).
|
|
//
|
|
// We recommend that you use the AWS SDKs to make programmatic API calls to
|
|
// AWS KMS.
|
|
//
|
|
// Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS
|
|
// 1.2. Clients must also support cipher suites with Perfect Forward Secrecy
|
|
// (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral
|
|
// Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support
|
|
// these modes.
|
|
//
|
|
// Signing Requests
|
|
//
|
|
// Requests must be signed by using an access key ID and a secret access key.
|
|
// We strongly recommend that you do not use your AWS account (root) access
|
|
// key ID and secret key for everyday work with AWS KMS. Instead, use the access
|
|
// key ID and secret access key for an IAM user, or you can use the AWS Security
|
|
// Token Service to generate temporary security credentials that you can use
|
|
// to sign requests.
|
|
//
|
|
// All AWS KMS operations require Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
|
|
//
|
|
// Logging API Requests
|
|
//
|
|
// AWS KMS supports AWS CloudTrail, a service that logs AWS API calls and related
|
|
// events for your AWS account and delivers them to an Amazon S3 bucket that
|
|
// you specify. By using the information collected by CloudTrail, you can determine
|
|
// what requests were made to AWS KMS, who made the request, when it was made,
|
|
// and so on. To learn more about CloudTrail, including how to turn it on and
|
|
// find your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/).
|
|
//
|
|
// Additional Resources
|
|
//
|
|
// For more information about credentials and request signing, see the following:
|
|
//
|
|
// * AWS Security Credentials (http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html)
|
|
// - This topic provides general information about the types of credentials
|
|
// used for accessing AWS.
|
|
//
|
|
// * Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html)
|
|
// - This section of the IAM User Guide describes how to create and use temporary
|
|
// security credentials.
|
|
//
|
|
// * Signature Version 4 Signing Process (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
|
|
// - This set of topics walks you through the process of signing a request
|
|
// using an access key ID and a secret access key.
|
|
//
|
|
// Commonly Used APIs
|
|
//
|
|
// Of the APIs discussed in this guide, the following will prove the most useful
|
|
// for most applications. You will likely perform actions other than these,
|
|
// such as creating keys and assigning policies, by using the console.
|
|
//
|
|
// * Encrypt
|
|
//
|
|
// * Decrypt
|
|
//
|
|
// * GenerateDataKey
|
|
//
|
|
// * GenerateDataKeyWithoutPlaintext
|
|
//
|
|
// See https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01 for more information on this service.
|
|
//
|
|
// See kms package documentation for more information.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/kms/
|
|
//
|
|
// Using the Client
|
|
//
|
|
// To use the client for AWS Key Management Service you will first need
|
|
// to create a new instance of it.
|
|
//
|
|
// When creating a client for an AWS service you'll first need to have a Session
|
|
// already created. The Session provides configuration that can be shared
|
|
// between multiple service clients. Additional configuration can be applied to
|
|
// the Session and service's client when they are constructed. The aws package's
|
|
// Config type contains several fields such as Region for the AWS Region the
|
|
// client should make API requests too. The optional Config value can be provided
|
|
// as the variadic argument for Sessions and client creation.
|
|
//
|
|
// Once the service's client is created you can use it to make API requests the
|
|
// AWS service. These clients are safe to use concurrently.
|
|
//
|
|
// // Create a session to share configuration, and load external configuration.
|
|
// sess := session.Must(session.NewSession())
|
|
//
|
|
// // Create the service's client with the session.
|
|
// svc := kms.New(sess)
|
|
//
|
|
// See the SDK's documentation for more information on how to use service clients.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/
|
|
//
|
|
// See aws package's Config type for more information on configuration options.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
|
|
//
|
|
// See the AWS Key Management Service client KMS for more
|
|
// information on creating the service's client.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/kms/#New
|
|
//
|
|
// Once the client is created you can make an API request to the service.
|
|
// Each API method takes a input parameter, and returns the service response
|
|
// and an error.
|
|
//
|
|
// The API method will document which error codes the service can be returned
|
|
// by the operation if the service models the API operation's errors. These
|
|
// errors will also be available as const strings prefixed with "ErrCode".
|
|
//
|
|
// result, err := svc.CancelKeyDeletion(params)
|
|
// if err != nil {
|
|
// // Cast err to awserr.Error to handle specific error codes.
|
|
// aerr, ok := err.(awserr.Error)
|
|
// if ok && aerr.Code() == <error code to check for> {
|
|
// // Specific error code handling
|
|
// }
|
|
// return err
|
|
// }
|
|
//
|
|
// fmt.Println("CancelKeyDeletion result:")
|
|
// fmt.Println(result)
|
|
//
|
|
// Using the Client with Context
|
|
//
|
|
// The service's client also provides methods to make API requests with a Context
|
|
// value. This allows you to control the timeout, and cancellation of pending
|
|
// requests. These methods also take request Option as variadic parameter to apply
|
|
// additional configuration to the API request.
|
|
//
|
|
// ctx := context.Background()
|
|
//
|
|
// result, err := svc.CancelKeyDeletionWithContext(ctx, params)
|
|
//
|
|
// See the request package documentation for more information on using Context pattern
|
|
// with the SDK.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/aws/request/
|
|
package kms
|