Skip to content

Latest commit

 

History

History
78 lines (60 loc) · 1.89 KB

README.md

File metadata and controls

78 lines (60 loc) · 1.89 KB

NPM version Build Status Dependency Status

Command-line client for AWS KMS

Install as nodejs module (global)

$ npm install kms-cli -g

Install as a docker executable container

Please see this project: https://github.com/ddffx/docker-kms-cli

Setup Environment variables

Pick the AWS Region your KMS key is accessible in, and export your Access Key ID and Secret Access Keys as environment variables for the script to work. Get those secrets off the AWS console.

Use this (preferred), if you have aws profiles set up in your ~/.aws/credentials file

export AWS_REGION=<region ex: us-east-1>
export AWS_PROFILE=< profile_name ex: work-profile>

Otherwise set the env variables explicitly

export AWS_REGION=<region ex: us-east-1>
export AWS_ACCESS_KEY_ID=<your access key id>
export AWS_SECRET_ACCESS_KEY=<your secret access key id>

Usage

$ kms-cli --help

Implemented Features

Encrypt

  1. Using inputs directly from commandline
kms-cli encrypt -k my_kms_key_id --pt 'My plain text'
  1. Using inputs from a json formatted file
 kms-cli encrypt --file /path/my-input-file.json

Json file format:

 {
  
  "keyId" : "xxx-xxxx-xxxx-xxxx",
  "plainText": "my secret",
  "awsRegion": "us-east-1", // optional
  "awsProfile": "default" // optional
}

Decrypt

kms-cli decrypt  --ct 'My encrypted cipher text'

Describe Key

kms-cli describe  -k my_kms_key_id

License

MIT © Deb Das