github.com/aavshr/aws-sdk-go@v1.41.3/service/kms/doc.go (about)

     1  // Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
     2  
     3  // Package kms provides the client and types for making API
     4  // requests to AWS Key Management Service.
     5  //
     6  // Key Management Service (KMS) is an encryption and key management web service.
     7  // This guide describes the KMS operations that you can call programmatically.
     8  // For general information about KMS, see the Key Management Service Developer
     9  // Guide (https://docs.aws.amazon.com/kms/latest/developerguide/).
    10  //
    11  // KMS is replacing the term customer master key (CMK) with KMS key and KMS
    12  // key. The concept has not changed. To prevent breaking changes, KMS is keeping
    13  // some variations of this term.
    14  //
    15  // Amazon Web Services provides SDKs that consist of libraries and sample code
    16  // for various programming languages and platforms (Java, Ruby, .Net, macOS,
    17  // Android, etc.). The SDKs provide a convenient way to create programmatic
    18  // access to KMS and other Amazon Web Services services. For example, the SDKs
    19  // take care of tasks such as signing requests (see below), managing errors,
    20  // and retrying requests automatically. For more information about the Amazon
    21  // Web Services SDKs, including how to download and install them, see Tools
    22  // for Amazon Web Services (http://aws.amazon.com/tools/).
    23  //
    24  // We recommend that you use the Amazon Web Services SDKs to make programmatic
    25  // API calls to KMS.
    26  //
    27  // Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS
    28  // 1.2. Clients must also support cipher suites with Perfect Forward Secrecy
    29  // (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral
    30  // Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support
    31  // these modes.
    32  //
    33  // Signing Requests
    34  //
    35  // Requests must be signed by using an access key ID and a secret access key.
    36  // We strongly recommend that you do not use your Amazon Web Services account
    37  // (root) access key ID and secret key for everyday work with KMS. Instead,
    38  // use the access key ID and secret access key for an IAM user. You can also
    39  // use the Amazon Web Services Security Token Service to generate temporary
    40  // security credentials that you can use to sign requests.
    41  //
    42  // All KMS operations require Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
    43  //
    44  // Logging API Requests
    45  //
    46  // KMS supports CloudTrail, a service that logs Amazon Web Services API calls
    47  // and related events for your Amazon Web Services account and delivers them
    48  // to an Amazon S3 bucket that you specify. By using the information collected
    49  // by CloudTrail, you can determine what requests were made to KMS, who made
    50  // the request, when it was made, and so on. To learn more about CloudTrail,
    51  // including how to turn it on and find your log files, see the CloudTrail User
    52  // Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/).
    53  //
    54  // Additional Resources
    55  //
    56  // For more information about credentials and request signing, see the following:
    57  //
    58  //    * Amazon Web Services Security Credentials (https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html)
    59  //    - This topic provides general information about the types of credentials
    60  //    used to access Amazon Web Services.
    61  //
    62  //    * Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html)
    63  //    - This section of the IAM User Guide describes how to create and use temporary
    64  //    security credentials.
    65  //
    66  //    * Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
    67  //    - This set of topics walks you through the process of signing a request
    68  //    using an access key ID and a secret access key.
    69  //
    70  // Commonly Used API Operations
    71  //
    72  // Of the API operations discussed in this guide, the following will prove the
    73  // most useful for most applications. You will likely perform operations other
    74  // than these, such as creating keys and assigning policies, by using the console.
    75  //
    76  //    * Encrypt
    77  //
    78  //    * Decrypt
    79  //
    80  //    * GenerateDataKey
    81  //
    82  //    * GenerateDataKeyWithoutPlaintext
    83  //
    84  // See https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01 for more information on this service.
    85  //
    86  // See kms package documentation for more information.
    87  // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/
    88  //
    89  // Using the Client
    90  //
    91  // To contact AWS Key Management Service with the SDK use the New function to create
    92  // a new service client. With that client you can make API requests to the service.
    93  // These clients are safe to use concurrently.
    94  //
    95  // See the SDK's documentation for more information on how to use the SDK.
    96  // https://docs.aws.amazon.com/sdk-for-go/api/
    97  //
    98  // See aws.Config documentation for more information on configuring SDK clients.
    99  // https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
   100  //
   101  // See the AWS Key Management Service client KMS for more
   102  // information on creating client for this service.
   103  // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/#New
   104  package kms