List of usage examples for com.amazonaws.services.kms.model AliasListEntry getTargetKeyId
public String getTargetKeyId()
String that contains the key identifier referred to by the alias.
From source file:ch.cyberduck.core.kms.KMSEncryptionFeature.java
License:Open Source License
/** * @return List of IDs of KMS managed keys *//*from w ww. ja v a 2 s . c o m*/ @Override public Set<Algorithm> getKeys(final Path container, final LoginCallback prompt) throws BackgroundException { final Set<Algorithm> keys = super.getKeys(container, prompt); try { keys.addAll(this.authenticated(new Authenticated<Set<Algorithm>>() { @Override public Set<Algorithm> call() throws BackgroundException { // Create new IAM credentials final AWSKMSClient client = new AWSKMSClient(new com.amazonaws.auth.AWSCredentials() { @Override public String getAWSAccessKeyId() { return host.getCredentials().getUsername(); } @Override public String getAWSSecretKey() { return host.getCredentials().getPassword(); } }, configuration); final Location feature = session.getFeature(Location.class); final Location.Name region = feature.getLocation(containerService.getContainer(container)); client.setRegion(Region.getRegion(Regions.fromName(region.getIdentifier()))); try { final Map<String, String> aliases = new HashMap<String, String>(); for (AliasListEntry entry : client.listAliases().getAliases()) { aliases.put(entry.getTargetKeyId(), entry.getAliasName()); } final Set<Algorithm> keys = new HashSet<Algorithm>(); for (KeyListEntry entry : client.listKeys().getKeys()) { keys.add(new AliasedAlgorithm(entry, aliases.get(entry.getKeyId()), region)); } return keys; } catch (AmazonClientException e) { throw new AmazonServiceExceptionMappingService().map("Cannot read AWS KMS configuration", e); } finally { client.shutdown(); } } }, prompt)); } catch (AccessDeniedException e) { log.warn(String.format("Ignore failure reading keys from KMS. %s", e.getMessage())); keys.add(SSE_KMS_DEFAULT); } return keys; }