Package kms contains an implementation of the go.mozilla.org/sops/v3.MasterKey interface that encrypts and decrypts the data key using AWS KMS with the AWS Go SDK.
ParseKMSContext takes either a KMS context map or a comma-separated list of KMS context key:value pairs and returns a map
MasterKey is a AWS KMS key used to encrypt and decrypt sops' data key.
MasterKeysFromArnString takes a comma separated list of AWS KMS ARNs and returns a slice of new MasterKeys for those ARNs
NewMasterKey creates a new MasterKey from an ARN, role and context, setting the creation date to the current date
NewMasterKeyFromArn takes an ARN string and returns a new MasterKey for that ARN
Decrypt decrypts the EncryptedKey field with AWS KMS and returns the result.
Encrypt takes a sops data key, encrypts it with KMS and stores the result in the EncryptedKey field
EncryptIfNeeded encrypts the provided sops' data key and encrypts it if it hasn't been encrypted yet
EncryptedDataKey returns the encrypted data key this master key holds
NeedsRotation returns whether the data key needs to be rotated or not.
SetEncryptedDataKey sets the encrypted data key for this master key
ToMap converts the MasterKey to a map for serialization purposes
ToString converts the key to a string representation