-
-
Save n0ts/a7170cab284700788d7242ca5f361b51 to your computer and use it in GitHub Desktop.
Revisions
-
n0ts revised this gist
Jul 26, 2019 . 1 changed file with 10 additions and 5 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,8 @@ # How to encrypt/decrypt your text/blob secret with AWS KMS with AWS cli # AWS_PROFILE=<profile> AWS_DEFAULT_REGION=<region> MY_KEY_ID=<kms key id> make (encrypt-text|decrypt-text|encrypt-blob|decrypt-blob) KEY_ID=$(MY_KEY_ID) SECRET_BLOB_PATH=fileb://my-secret-blob SECRET_TEXT="my secret text" @@ -9,16 +11,19 @@ DECRYPTED_SECRET_AS_BLOB=decrypted_secret_blob # Result of decrypt-blob target encrypt-text: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_TEXT} --query CiphertextBlob --output text \ | base64 -d > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-text: aws kms decrypt --ciphertext-blob fileb://${ENCRYPTED_SECRET_AS_BLOB} --query Plaintext --output text \ | base64 -d encrypt-blob: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_BLOB_PATH} --query CiphertextBlob --output text \ | base64 -d > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-blob: aws kms decrypt --ciphertext-blob fileb://${ENCRYPTED_SECRET_AS_BLOB} --query Plaintext --output text \ | base64 -d > ${DECRYPTED_SECRET_AS_BLOB} clean: rm -f ${ENCRYPTED_SECRET_AS_BLOB} ${DECRYPTED_SECRET_AS_BLOB} -
ryu1kn revised this gist
Apr 2, 2018 . No changes.There are no files selected for viewing
-
Feb 28, 2018 . 1 changed file with 4 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -9,16 +9,16 @@ DECRYPTED_SECRET_AS_BLOB=decrypted_secret_blob # Result of decrypt-blob target encrypt-text: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_TEXT} --query CiphertextBlob --output text \ | base64 --decode > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-text: aws kms decrypt --ciphertext-blob fileb://${ENCRYPTED_SECRET_AS_BLOB} --query Plaintext --output text \ | base64 --decode encrypt-blob: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_BLOB_PATH} --query CiphertextBlob --output text \ | base64 --decode > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-blob: aws kms decrypt --ciphertext-blob fileb://${ENCRYPTED_SECRET_AS_BLOB} --query Plaintext --output text \ | base64 --decode > ${DECRYPTED_SECRET_AS_BLOB} -
Mar 4, 2017 . 1 changed file with 6 additions and 6 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,24 +1,24 @@ # How to encrypt/decrypt your text/blob secret with AWS KMS with AWS cli KEY_ID=alias/my-key SECRET_BLOB_PATH=fileb://my-secret-blob SECRET_TEXT="my secret text" ENCRYPTED_SECRET_AS_BLOB=encrypted_secret_blob DECRYPTED_SECRET_AS_BLOB=decrypted_secret_blob # Result of decrypt-blob target encrypt-text: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_TEXT} --query CiphertextBlob --output text \ base64 --decode > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-text: aws kms decrypt --ciphertext-blob fileb://${ENCRYPTED_SECRET_AS_BLOB} --query Plaintext --output text \ base64 --decode encrypt-blob: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_BLOB_PATH} --query CiphertextBlob --output text \ base64 --decode > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-blob: aws kms decrypt --ciphertext-blob fileb://${ENCRYPTED_SECRET_AS_BLOB} --query Plaintext --output text \ base64 --decode > ${DECRYPTED_SECRET_AS_BLOB} -
Mar 4, 2017 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,24 @@ # How to encrypt/decrypt your text/blob secret with AWS KMS with AWS cli KEY_ID=alias/my-key SECRET_BLOB=fileb://my-secret-blob SECRET_TEXT="my secret text" ENCRYPTED_SECRET_AS_BLOB=./encrypted_secret_blob DECRYPTED_SECRET_AS_BLOB=./decrypted_secret_blob # Result of decrypt-blob target encrypt-text: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_TEXT} --query CiphertextBlob --output text \ base64 --decode > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-text: aws kms decrypt --ciphertext-blob fileb://${PATH_TO_SECRET} --query Plaintext --output text \ base64 --decode encrypt-blob: aws kms encrypt --key-id ${KEY_ID} --plaintext ${SECRET_BLOB} --query CiphertextBlob --output text \ base64 --decode > ${ENCRYPTED_SECRET_AS_BLOB} decrypt-blob: aws kms decrypt --ciphertext-blob fileb://${PATH_TO_SECRET} --query Plaintext --output text \ base64 --decode > ${DECRYPTED_SECRET_AS_BLOB}