// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. // Package kms provides the client and types for making API // requests to AWS Key Management Service. // // AWS Key Management Service (AWS KMS) is an encryption and key management // web service. This guide describes the AWS KMS operations that you can call // programmatically. For general information about AWS KMS, see the AWS Key // Management Service Developer Guide (http://docs.aws.amazon.com/kms/latest/developerguide/). // // AWS provides SDKs that consist of libraries and sample code for various programming // languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs // provide a convenient way to create programmatic access to AWS KMS and other // AWS services. For example, the SDKs take care of tasks such as signing requests // (see below), managing errors, and retrying requests automatically. For more // information about the AWS SDKs, including how to download and install them, // see Tools for Amazon Web Services (http://aws.amazon.com/tools/). // // We recommend that you use the AWS SDKs to make programmatic API calls to // AWS KMS. // // Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS // 1.2. Clients must also support cipher suites with Perfect Forward Secrecy // (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral // Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support // these modes. // // Signing Requests // // Requests must be signed by using an access key ID and a secret access key. // We strongly recommend that you do not use your AWS account (root) access // key ID and secret key for everyday work with AWS KMS. Instead, use the access // key ID and secret access key for an IAM user, or you can use the AWS Security // Token Service to generate temporary security credentials that you can use // to sign requests. // // All AWS KMS operations require Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). // // Logging API Requests // // AWS KMS supports AWS CloudTrail, a service that logs AWS API calls and related // events for your AWS account and delivers them to an Amazon S3 bucket that // you specify. By using the information collected by CloudTrail, you can determine // what requests were made to AWS KMS, who made the request, when it was made, // and so on. To learn more about CloudTrail, including how to turn it on and // find your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/). // // Additional Resources // // For more information about credentials and request signing, see the following: // // * AWS Security Credentials (http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html) // - This topic provides general information about the of credentials used // for accessing AWS. // // * Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) // - This section of the IAM User Guide describes how to create and use temporary // security credentials. // // * Signature Version 4 Signing Process (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) // - This set of topics walks you through the process of signing a request // using an access key ID and a secret access key. // // Commonly Used APIs // // Of the APIs discussed in this guide, the following will prove the most useful // for most applications. You will likely perform actions other than these, // such as creating keys and assigning policies, by using the console. // // * Encrypt // // * Decrypt // // * GenerateDataKey // // * GenerateDataKeyWithoutPlaintext // // See https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01 for more information on this service. // // See kms package documentation for more information. // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/ // // Using the Client // // To contact AWS Key Management Service with the SDK use the New function to create // a new service client. With that client you can make API requests to the service. // These clients are safe to use concurrently. // // See the SDK's documentation for more information on how to use the SDK. // https://docs.aws.amazon.com/sdk-for-go/api/ // // See aws.Config documentation for more information on configuring SDK clients. // https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config // // See the AWS Key Management Service client KMS for more // information on creating client for this service. // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/#New package kms