1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
An example Lambda function in Node.js that re-encrypts data with a new encryption key. This is just an example and you will need to modify it to fit your specific use case. I hope this helps
const AWS = require('aws-sdk');
const kms = new AWS.KMS();
const secretsManager = new AWS.SecretsManager();
exports.handler = async (event, context) => {
// Get the new version of the encryption key from Secrets Manager
const secret = await secretsManager.getSecretValue({ SecretId: 'my-secret-id' }).promise();
const encryptionKey = secret.SecretString;
// Re-encrypt the data with the new encryption key
const plaintext = Buffer.from(event.data, 'base64');
const encrypted = await kms.encrypt({ KeyId: encryptionKey, Plaintext: plaintext }).promise();
// Return the re-encrypted data
return { data: encrypted.CiphertextBlob.toString('base64') };
};
답변함 일 년 전
I appreciate your answer, Then you think this is best practice?