| // Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. |
| |
| // Package kms provides the client and types for making API |
| // requests to AWS Key Management Service. |
| // |
| // AWS Key Management Service (AWS KMS) is an encryption and key management |
| // web service. This guide describes the AWS KMS operations that you can call |
| // programmatically. For general information about AWS KMS, see the AWS Key |
| // Management Service Developer Guide (http://docs.aws.amazon.com/kms/latest/developerguide/). |
| // |
| // AWS provides SDKs that consist of libraries and sample code for various programming |
| // languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs |
| // provide a convenient way to create programmatic access to AWS KMS and other |
| // AWS services. For example, the SDKs take care of tasks such as signing requests |
| // (see below), managing errors, and retrying requests automatically. For more |
| // information about the AWS SDKs, including how to download and install them, |
| // see Tools for Amazon Web Services (http://aws.amazon.com/tools/). |
| // |
| // We recommend that you use the AWS SDKs to make programmatic API calls to |
| // AWS KMS. |
| // |
| // Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS |
| // 1.2. Clients must also support cipher suites with Perfect Forward Secrecy |
| // (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral |
| // Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support |
| // these modes. |
| // |
| // Signing Requests |
| // |
| // Requests must be signed by using an access key ID and a secret access key. |
| // We strongly recommend that you do not use your AWS account (root) access |
| // key ID and secret key for everyday work with AWS KMS. Instead, use the access |
| // key ID and secret access key for an IAM user, or you can use the AWS Security |
| // Token Service to generate temporary security credentials that you can use |
| // to sign requests. |
| // |
| // All AWS KMS operations require Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). |
| // |
| // Logging API Requests |
| // |
| // AWS KMS supports AWS CloudTrail, a service that logs AWS API calls and related |
| // events for your AWS account and delivers them to an Amazon S3 bucket that |
| // you specify. By using the information collected by CloudTrail, you can determine |
| // what requests were made to AWS KMS, who made the request, when it was made, |
| // and so on. To learn more about CloudTrail, including how to turn it on and |
| // find your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/). |
| // |
| // Additional Resources |
| // |
| // For more information about credentials and request signing, see the following: |
| // |
| // * AWS Security Credentials (http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html) |
| // - This topic provides general information about the of credentials used |
| // for accessing AWS. |
| // |
| // * Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) |
| // - This section of the IAM User Guide describes how to create and use temporary |
| // security credentials. |
| // |
| // * Signature Version 4 Signing Process (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) |
| // - This set of topics walks you through the process of signing a request |
| // using an access key ID and a secret access key. |
| // |
| // Commonly Used APIs |
| // |
| // Of the APIs discussed in this guide, the following will prove the most useful |
| // for most applications. You will likely perform actions other than these, |
| // such as creating keys and assigning policies, by using the console. |
| // |
| // * Encrypt |
| // |
| // * Decrypt |
| // |
| // * GenerateDataKey |
| // |
| // * GenerateDataKeyWithoutPlaintext |
| // |
| // See https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01 for more information on this service. |
| // |
| // See kms package documentation for more information. |
| // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/ |
| // |
| // Using the Client |
| // |
| // To contact AWS Key Management Service with the SDK use the New function to create |
| // a new service client. With that client you can make API requests to the service. |
| // These clients are safe to use concurrently. |
| // |
| // See the SDK's documentation for more information on how to use the SDK. |
| // https://docs.aws.amazon.com/sdk-for-go/api/ |
| // |
| // See aws.Config documentation for more information on configuring SDK clients. |
| // https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config |
| // |
| // See the AWS Key Management Service client KMS for more |
| // information on creating client for this service. |
| // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/#New |
| package kms |