
Example 1 with CreateAliasRequest

use of com.amazonaws.services.kms.model.CreateAliasRequest in project aws-doc-sdk-examples by awsdocs.

the class CreateAlias method main.

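/**
 * Creates a KMS alias that points at an existing key.
 *
 * <p>Expects exactly two arguments: the target key id or ARN, then the alias name.
 * The alias name is checked locally before any AWS call is made, so a malformed
 * name fails fast with the usage text instead of a service-side validation error.
 *
 * <p>Security notes: the caller needs {@code kms:CreateAlias} on both the alias and
 * the target key. An alias is a mutable pointer (it can later be re-targeted with
 * {@code UpdateAlias}), so treat permission to manage aliases as sensitive wherever
 * applications resolve keys by alias.
 *
 * @param args {@code <key-id> <alias-name>}
 */
public static void main(String[] args) {
    final String USAGE = "To run this example, supply a key id or ARN and an alias name\n"
            + "Usage: CreateAlias <key-id> <alias-name>\n"
            + "Example: CreateAlias 1234abcd-12ab-34cd-56ef-1234567890ab "
            + "alias/projectKey1\n";
    if (args.length != 2) {
        // Usage errors go to stderr so they are not mistaken for program output.
        System.err.println(USAGE);
        System.exit(1);
    }
    String targetKeyId = args[0];
    String aliasName = args[1];
    // KMS requires the form alias/<name> and reserves the alias/aws/ prefix for
    // AWS managed keys; reject anything else before building a client.
    final String aliasPrefix = "alias/";
    boolean wellFormed = aliasName.startsWith(aliasPrefix)
            && aliasName.length() > aliasPrefix.length()
            && !aliasName.startsWith("alias/aws/");
    if (!wellFormed) {
        System.err.println("Invalid alias name '" + aliasName
                + "': it must start with \"alias/\" followed by a name and must not start with \"alias/aws/\"");
        System.err.println(USAGE);
        System.exit(1);
    }
    // Default builder: credentials and region come from the SDK's default provider chains.
    AWSKMS kmsClient = AWSKMSClientBuilder.standard().build();
    try {
        // Create an alias for the target key
        CreateAliasRequest req = new CreateAliasRequest()
                .withAliasName(aliasName)
                .withTargetKeyId(targetKeyId);
        kmsClient.createAlias(req);
    } finally {
        // Release the client's HTTP resources even when createAlias throws.
        kmsClient.shutdown();
    }
}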
Also used : CreateAliasRequest(com.amazonaws.services.kms.model.CreateAliasRequest) AWSKMS(com.amazonaws.services.kms.AWSKMS)

Example 2 with CreateAliasRequest

use of com.amazonaws.services.kms.model.CreateAliasRequest in project di-authentication-api by alphagov.

the class KmsKeyExtension method createTokenSigningKey.

// https://github.com/aws/aws-sdk/issues/125
/**
 * Creates an ECC NIST P-256 key with sign/verify usage and registers
 * {@code keyAlias} as an alias for it.
 *
 * <p>NOTE(review): no key policy, description or tags are supplied, so KMS applies
 * its default key policy. That looks intended for a test fixture; confirm before
 * reusing this outside tests.
 *
 * @param keyAlias alias name to attach to the newly created key
 */
@SuppressWarnings("deprecation")
protected void createTokenSigningKey(String keyAlias) {
    // The CustomerMasterKeySpec setter is the deprecated API, presumably the reason
    // for the suppression above.
    var signingKeySpec = new CreateKeyRequest()
            .withCustomerMasterKeySpec(CustomerMasterKeySpec.ECC_NIST_P256)
            .withKeyUsage(SIGN_VERIFY);
    String createdKeyId = kms.createKey(signingKeySpec).getKeyMetadata().getKeyId();
    // Point the alias at the key that was just created.
    kms.createAlias(new CreateAliasRequest()
            .withTargetKeyId(createdKeyId)
            .withAliasName(keyAlias));
}
Also used : CreateKeyRequest(com.amazonaws.services.kms.model.CreateKeyRequest) CreateAliasRequest(com.amazonaws.services.kms.model.CreateAliasRequest)

Example 3 with CreateAliasRequest

use of com.amazonaws.services.kms.model.CreateAliasRequest in project cerberus by Nike-Inc.

the class KmsServiceTest method test_provisionKmsKey.

/**
 * Checks that provisionKmsKey returns the ARN reported by KMS, creates an alias
 * targeting that ARN, and persists a matching AwsIamRoleKmsKeyRecord.
 */
@Test
public void test_provisionKmsKey() {
    // Fixture values; the strings are placeholders chosen by this test.
    final String roleId = "role-id";
    final String region = "aws-region";
    final String principal = "user";
    final OffsetDateTime timestamp = OffsetDateTime.now();
    final String keyPolicy = "policy";
    final String arn = "arn:aws:iam::12345678901234:role/some-role";
    final String recordId = "awsIamRoleKmsKeyId";

    // Collaborators: id supplier, policy generator and a mocked regional KMS client.
    AWSKMSClient kmsMock = mock(AWSKMSClient.class);
    when(uuidSupplier.get()).thenReturn(recordId);
    when(kmsPolicyService.generateStandardKmsPolicy(arn)).thenReturn(keyPolicy);
    when(kmsClientFactory.getClient(region)).thenReturn(kmsMock);

    // NOTE(review): this request is assembled but never handed to a verify(...);
    // createKey is stubbed with any(), so the key policy, usage and tags actually
    // sent to KMS are not asserted by this test.
    CreateKeyRequest expectedKeyRequest = new CreateKeyRequest()
            .withKeyUsage(KeyUsageType.ENCRYPT_DECRYPT)
            .withDescription("Key used by Cerberus fakeEnv for IAM role authentication. " + arn)
            .withPolicy(keyPolicy)
            .withTags(Lists.newArrayList(
                    new Tag().withTagKey("created_by").withTagValue(ARTIFACT + VERSION),
                    new Tag().withTagKey("created_for").withTagValue("cerberus_auth"),
                    new Tag().withTagKey("auth_principal").withTagValue(arn),
                    new Tag().withTagKey("cerberus_env").withTagValue(ENV)));

    // KMS answers any createKey call with metadata whose ARN is the fixture ARN.
    KeyMetadata keyMetadata = mock(KeyMetadata.class);
    when(keyMetadata.getArn()).thenReturn(arn);
    CreateKeyResult keyResult = mock(CreateKeyResult.class);
    when(keyResult.getKeyMetadata()).thenReturn(keyMetadata);
    when(kmsMock.createKey(any())).thenReturn(keyResult);

    // invoke method under test
    String returnedKeyId =
            kmsService.provisionKmsKey(roleId, arn, region, principal, timestamp).getAwsKmsKeyId();
    assertEquals(arn, returnedKeyId);

    // The alias must be created against the ARN returned by createKey.
    CreateAliasRequest expectedAlias = new CreateAliasRequest()
            .withAliasName(kmsService.getAliasName(recordId, arn))
            .withTargetKeyId(arn);
    verify(kmsMock).createAlias(expectedAlias);

    // The stored record ties the IAM role to the new key and stamps all timestamps alike.
    AwsIamRoleKmsKeyRecord expectedRecord = new AwsIamRoleKmsKeyRecord();
    expectedRecord.setId(recordId);
    expectedRecord.setAwsIamRoleId(roleId);
    expectedRecord.setAwsKmsKeyId(arn);
    expectedRecord.setAwsRegion(region);
    expectedRecord.setCreatedBy(principal);
    expectedRecord.setLastUpdatedBy(principal);
    expectedRecord.setCreatedTs(timestamp);
    expectedRecord.setLastUpdatedTs(timestamp);
    expectedRecord.setLastValidatedTs(timestamp);
    verify(awsIamRoleDao).createIamRoleKmsKey(expectedRecord);
}
Also used : CreateKeyResult(com.amazonaws.services.kms.model.CreateKeyResult) AuthKmsKeyMetadata(com.nike.cerberus.domain.AuthKmsKeyMetadata) KeyMetadata(com.amazonaws.services.kms.model.KeyMetadata) OffsetDateTime(java.time.OffsetDateTime) CreateKeyRequest(com.amazonaws.services.kms.model.CreateKeyRequest) AwsIamRoleKmsKeyRecord(com.nike.cerberus.record.AwsIamRoleKmsKeyRecord) AWSKMSClient(com.amazonaws.services.kms.AWSKMSClient) Tag(com.amazonaws.services.kms.model.Tag) CreateAliasRequest(com.amazonaws.services.kms.model.CreateAliasRequest) Test(org.junit.Test)

Example 4 with CreateAliasRequest

use of com.amazonaws.services.kms.model.CreateAliasRequest in project di-authentication-api by alphagov.

the class KmsKeyExtension method createEncryptionKey.

// https://github.com/aws/aws-sdk/issues/125
/**
 * Creates an RSA 2048 key with encrypt/decrypt usage and registers
 * {@code keyAlias} as an alias for it.
 *
 * <p>NOTE(review): no key policy, description or tags are supplied, so KMS applies
 * its default key policy. That looks intended for a test fixture; confirm before
 * reusing this outside tests.
 *
 * @param keyAlias alias name to attach to the newly created key
 */
@SuppressWarnings("deprecation")
protected void createEncryptionKey(String keyAlias) {
    // The CustomerMasterKeySpec setter is the deprecated API, presumably the reason
    // for the suppression above.
    var encryptionKeySpec = new CreateKeyRequest()
            .withCustomerMasterKeySpec(CustomerMasterKeySpec.RSA_2048)
            .withKeyUsage(ENCRYPT_DECRYPT);
    String createdKeyId = kms.createKey(encryptionKeySpec).getKeyMetadata().getKeyId();
    // Point the alias at the key that was just created.
    kms.createAlias(new CreateAliasRequest()
            .withTargetKeyId(createdKeyId)
            .withAliasName(keyAlias));
}
Also used : CreateKeyRequest(com.amazonaws.services.kms.model.CreateKeyRequest) CreateAliasRequest(com.amazonaws.services.kms.model.CreateAliasRequest)
