1 Answer
1
An example Lambda function in Node.js that re-encrypts data with a new encryption key. This is just an example and you will need to modify it to fit your specific use case. I hope this helps.
```javascript
const AWS = require('aws-sdk');

const kms = new AWS.KMS();
const secretsManager = new AWS.SecretsManager();

exports.handler = async (event, context) => {
  // Get the new version of the encryption key from Secrets Manager.
  // The value is passed to KMS as KeyId below, so the secret must hold a KMS key ID, ARN or alias.
  const secret = await secretsManager.getSecretValue({ SecretId: 'my-secret-id' }).promise();
  const encryptionKey = secret.SecretString;

  // Re-encrypt the data with the new encryption key.
  // event.data is read here as base64-encoded plaintext.
  const plaintext = Buffer.from(event.data, 'base64');
  const encrypted = await kms.encrypt({ KeyId: encryptionKey, Plaintext: plaintext }).promise();

  // Return the re-encrypted data, base64-encoded
  return { data: encrypted.CiphertextBlob.toString('base64') };
};
```
answered a year ago
I appreciate your answer. Then you think this is best practice?
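As an added example that is not part of the answer above: when the stored data is already a KMS ciphertext, the KMS `ReEncrypt` operation moves it to a new key without the plaintext being returned to the function. The `kms` client is passed in by the caller (an AWS SDK v2 `new AWS.KMS()` is assumed), and the function names and the `{ data }` record shape are assumptions for illustration.

```javascript
// Added example: rotate an existing KMS ciphertext to a new key with ReEncrypt.
// Function names and the record shape are hypothetical; key ids are supplied by the caller.

function buildReEncryptParams(ciphertextB64, destinationKeyId, sourceKeyId) {
  if (typeof ciphertextB64 !== 'string' || ciphertextB64.length === 0) {
    throw new TypeError('ciphertext must be a non-empty base64 string');
  }
  if (!destinationKeyId) {
    throw new TypeError('destinationKeyId is required');
  }
  const blob = Buffer.from(ciphertextB64, 'base64');
  // Buffer.from silently skips invalid base64 characters, so round-trip the
  // value to reject corrupted or non-canonical input before calling KMS.
  if (blob.toString('base64') !== ciphertextB64) {
    throw new TypeError('ciphertext is not canonical base64');
  }
  const params = { CiphertextBlob: blob, DestinationKeyId: destinationKeyId };
  // Pinning SourceKeyId makes KMS refuse blobs that were encrypted under any
  // other key (it is optional for symmetric keys, required for asymmetric ones).
  if (sourceKeyId) {
    params.SourceKeyId = sourceKeyId;
  }
  return params;
}

async function reEncryptRecord(kms, record, destinationKeyId, sourceKeyId) {
  const params = buildReEncryptParams(record.data, destinationKeyId, sourceKeyId);
  // Decryption and re-encryption both happen inside KMS.
  const out = await kms.reEncrypt(params).promise();
  // Return the key that now protects the data so the caller can store it
  // alongside the ciphertext and track which records have been rotated.
  return { data: out.CiphertextBlob.toString('base64'), keyId: out.KeyId };
}
```

The calling role needs `kms:ReEncryptFrom` on the old key and `kms:ReEncryptTo` on the new key; it does not need `kms:Decrypt` or `kms:Encrypt` for this path.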