class YamlVault::Main::ValueCryptor::KMS

Public Class Methods

new(key_id, region: nil, aws_access_key_id: nil, aws_secret_access_key: nil, aws_profile: nil) click to toggle source
# File lib/yaml_vault.rb, line 117
def initialize(key_id, region: nil, aws_access_key_id: nil, aws_secret_access_key: nil, aws_profile: nil)
  begin
    begin
      require 'aws-sdk-kms'
    rescue LoadError
      begin
        require 'aws-sdk'
      rescue LoadError
        puts "Please install aws-sdk v2 or aws-sdk-kms (aws-sdk v3)"
        exit 1
      end
    end
  end
  options = {}
  options[:region] = region if region
  options[:access_key_id] = aws_access_key_id if aws_access_key_id
  options[:secret_access_key] = aws_secret_access_key if aws_secret_access_key
  options[:profile] = aws_profile if aws_profile
  @client = Aws::KMS::Client.new(options)
  @key_id = key_id
end

Public Instance Methods

decrypt(value) click to toggle source
# File lib/yaml_vault.rb, line 144
def decrypt(value)
  resp = @client.decrypt(ciphertext_blob: Base64.strict_decode64(value))
  YAML.load(resp.plaintext)
end
encrypt(value) click to toggle source
# File lib/yaml_vault.rb, line 139
def encrypt(value)
  resp = @client.encrypt(key_id: @key_id, plaintext: YAML.dump(value))
  Base64.strict_encode64(resp.ciphertext_blob)
end