kms_rs
| Crates.io | kms_rs |
| lib.rs | kms_rs |
| version | 0.2.0 |
| created_at | 2020-12-30 00:13:33.534014+00 |
| updated_at | 2021-01-06 01:23:45.804657+00 |
| description | A crate for interacting with AWS KMS. |
| homepage | |
| repository | https://github.com/jeffrade/kms_rs |
| max_upload_size | |
| id | 329057 |
| size | 60,385 |
Jeff Rade (jeffrade)
documentation
README
kms_rs
A simple crate for managing keys in AWS Key Management Service (KMS)
Disclaimer: This project has not been audited and not yet recommended for production environments.
:warning: This project is under construction! :warning:
Uses rusoto.
See examples for usage (uses clap).
Prerequisites
As functionality is added, it will be listed below.
- Retrieve a list of all CMK's (Customer Master Keys) in region us-east-1
- Describe a single key given a key-id
- Create a key (symmetric only)
- Schedule key deletion
- Cancel key deletion
- Enable a key given a key-id
- Disable a key given a key-id
- Generate a data key
- Generate a data key without plaintext
A full list of commands can be found here. Feel free to open an issue to request a command(s) or PR to add them.
Note that the following are excludeded from AWS Free Tier:
- GenerateDataKeyPair
- GenerateDataKeyPairWithoutPlaintext
- Sign
- Verify
- Encrypt
- Decrypt
- GetPublicKey that reference asymmetric CMKs
Because of this, one goal of this crate is to provide you some functionality natively to keep high-volume usage costs down. See the latest costs here.
Future Goals
Integration with AWS CloudHSM
- Add native commands that aren't covered under AWS Free Tier
- CloudHSM details here
- Pricing calculation here
Integration with FIPS-140 hardware and software
- FIPS-140 details here