Class: Hiera::Backend::Eyaml::Encryptors::Kms

Inherits:
Encryptor
  • Object
show all
Defined in:
lib/hiera/backend/eyaml/encryptors/kms.rb

Constant Summary collapse

VERSION = 
"0.1"

Class Method Summary collapse

Class Method Details

.decrypt(ciphertext) ⇒ Object 



43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/hiera/backend/eyaml/encryptors/kms.rb', line 43

def self.decrypt ciphertext
  aws_region = self.option :aws_region

  @kms = ::Aws::KMS::Client.new(
    region: aws_region
  )

  resp = @kms.decrypt({
    ciphertext_blob: ciphertext
  })

  resp.plaintext
end

.encrypt(plaintext) ⇒ Object

Raises:

  • (StandardError) 


26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/hiera/backend/eyaml/encryptors/kms.rb', line 26

def self.encrypt plaintext
  aws_region = self.option :aws_region
  key_id = self.option :key_id
  raise StandardError, "key_id is not defined" unless key_id

  @kms = ::Aws::KMS::Client.new(
    region: aws_region
  )

  resp = @kms.encrypt({
    key_id: key_id,
    plaintext: plaintext
  })

  resp.ciphertext_blob
end