{"id":16118964,"url":"https://github.com/cch0/awslambdawithkms","last_synced_at":"2025-04-06T09:50:57.627Z","repository":{"id":84547288,"uuid":"58884224","full_name":"cch0/AWSLambdaWithKMS","owner":"cch0","description":null,"archived":false,"fork":false,"pushed_at":"2016-05-15T22:16:12.000Z","size":9,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-12T15:37:04.579Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cch0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-05-15T21:02:53.000Z","updated_at":"2016-05-15T22:05:31.000Z","dependencies_parsed_at":"2023-03-08T08:15:36.020Z","dependency_job_id":null,"html_url":"https://github.com/cch0/AWSLambdaWithKMS","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cch0%2FAWSLambdaWithKMS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cch0%2FAWSLambdaWithKMS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cch0%2FAWSLambdaWithKMS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cch0%2FAWSLambdaWithKMS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cch0","download_url":"https://codeload.github.com/cch0/AWSLambdaWithKMS/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247463903,"owners_count":20942948,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-09T20:51:49.633Z","updated_at":"2025-04-06T09:50:57.606Z","avatar_url":"https://github.com/cch0.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Purpose\n\nAn AWS Lambda to demonstrate round trip encryption without having to \nspecify AWS credentials in the Lambda code.\n\n# Prerequisites\n\nLambda is deployed with a role which has policy to allow kms:Encrypt, \nkms:Decrypt and kms:CreateKey permissions.\n\n# Details\nIn order to achieve secret-less Lambda, Lambda function is running with \nthe role which has the necessary permissions to perform encryption and \ndecryption tasks. \n\nIn reality, the real AWS credentials can be encrypted through \nout-of-band process and the encrypted information can then safely be put \ninto a file (such as configuration.yml) or on S3 bucket. When Lambda \nfunction is in need of the AWS credentials for other purposes (such as \ncommunicating with other AWS services through SDK Client), then the \nencrypted information can be decrypted by using AWS KMS client.\n\nSince Lambda function assumes the role to perform decryption, there is \nno need to provide AWS credentials when using AWS KMS client.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcch0%2Fawslambdawithkms","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcch0%2Fawslambdawithkms","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcch0%2Fawslambdawithkms/lists"}