List of usage examples for com.amazonaws.services.kms AWSKMSClient setRegion
@Deprecated public void setRegion(Region region) throws IllegalArgumentException
From source file:ch.cyberduck.core.kms.KMSEncryptionFeature.java
License:Open Source License
/** * @return List of IDs of KMS managed keys *//*w w w .j a va2 s. c o m*/ @Override public Set<Algorithm> getKeys(final Path container, final LoginCallback prompt) throws BackgroundException { final Set<Algorithm> keys = super.getKeys(container, prompt); try { keys.addAll(this.authenticated(new Authenticated<Set<Algorithm>>() { @Override public Set<Algorithm> call() throws BackgroundException { // Create new IAM credentials final AWSKMSClient client = new AWSKMSClient(new com.amazonaws.auth.AWSCredentials() { @Override public String getAWSAccessKeyId() { return host.getCredentials().getUsername(); } @Override public String getAWSSecretKey() { return host.getCredentials().getPassword(); } }, configuration); final Location feature = session.getFeature(Location.class); final Location.Name region = feature.getLocation(containerService.getContainer(container)); client.setRegion(Region.getRegion(Regions.fromName(region.getIdentifier()))); try { final Map<String, String> aliases = new HashMap<String, String>(); for (AliasListEntry entry : client.listAliases().getAliases()) { aliases.put(entry.getTargetKeyId(), entry.getAliasName()); } final Set<Algorithm> keys = new HashSet<Algorithm>(); for (KeyListEntry entry : client.listKeys().getKeys()) { keys.add(new AliasedAlgorithm(entry, aliases.get(entry.getKeyId()), region)); } return keys; } catch (AmazonClientException e) { throw new AmazonServiceExceptionMappingService().map("Cannot read AWS KMS configuration", e); } finally { client.shutdown(); } } }, prompt)); } catch (AccessDeniedException e) { log.warn(String.format("Ignore failure reading keys from KMS. %s", e.getMessage())); keys.add(SSE_KMS_DEFAULT); } return keys; }
From source file:com.nike.cerberus.aws.KmsClientFactory.java
License:Apache License
/** * Returns a KMS client for the given region. Clients are cached by region. * * @param region Region to configure a client for * @return AWS KMS client// w w w .j a v a2 s . c om */ public AWSKMSClient getClient(Region region) { AWSKMSClient client = kmsClientMap.get(region); if (client == null) { final AWSKMSClient newClient = new AWSKMSClient(); newClient.setRegion(region); kmsClientMap.put(region, newClient); client = newClient; } return client; }
From source file:de.zalando.spring.cloud.config.aws.kms.test.EncryptionCLI.java
License:Apache License
@Override public void run(final String... args) { try {/*from w w w . j a v a 2s . com*/ checkArgument(args.length >= 3, "Too few arguments."); final String text = args[1]; final AWSKMSClient kms = new AWSKMSClient(); kms.setRegion(fromName(args[2])); switch (args[0]) { case "encrypt": checkArgument(args.length == 4, "Too few arguments."); System.out.println(new KmsTextEncryptor(kms, args[3]).encrypt(text)); break; case "decrypt": System.out.println(new KmsTextEncryptor(kms, null).decrypt(text)); break; default: break; } } catch (final IllegalArgumentException e) { System.out.println(e.getMessage() + " Usage:\n" // + "./run.sh encrypt 'plaintext' eu-west-1 ${kmsKeyId}\n" // + "./run.sh decrypt 'base64cipherText' eu-west-1"); } }