Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ktonon/node-kms-auto-decrypt
Scans an Object and auto decrypts for keys ending with Encrypted using AWS KMS
https://github.com/ktonon/node-kms-auto-decrypt
Last synced: about 1 month ago
JSON representation
Scans an Object and auto decrypts for keys ending with Encrypted using AWS KMS
- Host: GitHub
- URL: https://github.com/ktonon/node-kms-auto-decrypt
- Owner: ktonon
- License: mit
- Created: 2016-11-23T19:55:42.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2016-11-24T15:53:33.000Z (about 8 years ago)
- Last Synced: 2024-10-23T02:08:52.427Z (2 months ago)
- Language: JavaScript
- Size: 2.93 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
Awesome Lists containing this project
README
# node-kms-auto-decrypt
[](https://circleci.com/gh/ktonon/node-kms-auto-decrypt)
__Install__
```
npm install kms-auto-decrypt
```
__Usage__
First configure an AWS access and secret key. Then use [aws kms encrypt][] to encrypt a `JSON.stringify`ed object containing secret values. For example, consider this object:
```json
{
"foo": {
"two": {
"b": "secret"
},
"three": "secret"
}
}
```
After encrypting, you will have a `CiphertextBlob`. Insert this as a root key, `kmsCiphertextBlob`, in an object containing other non-encrypted values.
```js
const kmsAutoDecrypt = require('kms-auto-decrypt');
const myConf = {
kmsCiphertextBlob: 'encrypted-secrets',
foo: {
one: '1',
two: {
a: 'A'
}
}
};
kmsAutoDecrypt(myConf).then((decryptedConf) => { /* ... */ });
```
Now you can use `decryptedConf` which will contain both decrypted and plain (originally non-encrypted) values:
```js
{
foo: {
one: '1',
two: {
a: 'A',
b: 'secret'
},
three: 'secret'
}
};
```
[aws kms encrypt]:http://docs.aws.amazon.com/cli/latest/reference/kms/encrypt.html