// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. // Package kms provides the client and types for making API // requests to AWS Key Management Service. // // AWS Key Management Service (AWS KMS) is an encryption and key management // web service. This guide describes the AWS KMS operations that you can call // programmatically. For general information about AWS KMS, see the AWS Key // Management Service Developer Guide (http://docs.aws.amazon.com/kms/latest/developerguide/). // // AWS provides SDKs that consist of libraries and sample code for various programming // languages and platforms (Java, Ruby, .Net, iOS, Android, etc.). The SDKs // provide a convenient way to create programmatic access to AWS KMS and other // AWS services. For example, the SDKs take care of tasks such as signing requests // (see below), managing errors, and retrying requests automatically. For more // information about the AWS SDKs, including how to download and install them, // see Tools for Amazon Web Services (http://aws.amazon.com/tools/). // // We recommend that you use the AWS SDKs to make programmatic API calls to // AWS KMS. // // Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS // 1.2. Clients must also support cipher suites with Perfect Forward Secrecy // (PFS) such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Ephemeral // Diffie-Hellman (ECDHE). Most modern systems such as Java 7 and later support // these modes. // // Signing Requests // // Requests must be signed by using an access key ID and a secret access key. // We strongly recommend that you do not use your AWS account (root) access // key ID and secret key for everyday work with AWS KMS. Instead, use the access // key ID and secret access key for an IAM user, or you can use the AWS Security // Token Service to generate temporary security credentials that you can use // to sign requests. // // All AWS KMS operations require Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). // // Logging API Requests // // AWS KMS supports AWS CloudTrail, a service that logs AWS API calls and related // events for your AWS account and delivers them to an Amazon S3 bucket that // you specify. By using the information collected by CloudTrail, you can determine // what requests were made to AWS KMS, who made the request, when it was made, // and so on. To learn more about CloudTrail, including how to turn it on and // find your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/). // // Additional Resources // // For more information about credentials and request signing, see the following: // // * AWS Security Credentials (http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html) // - This topic provides general information about the types of credentials // used for accessing AWS. // // * Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) // - This section of the IAM User Guide describes how to create and use temporary // security credentials. // // * Signature Version 4 Signing Process (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) // - This set of topics walks you through the process of signing a request // using an access key ID and a secret access key. // // Commonly Used APIs // // Of the APIs discussed in this guide, the following will prove the most useful // for most applications. You will likely perform actions other than these, // such as creating keys and assigning policies, by using the console. // // * Encrypt // // * Decrypt // // * GenerateDataKey // // * GenerateDataKeyWithoutPlaintext // // See https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01 for more information on this service. // // See kms package documentation for more information. // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/ // // Using the Client // // To use the client for AWS Key Management Service you will first need // to create a new instance of it. // // When creating a client for an AWS service you'll first need to have a Session // already created. The Session provides configuration that can be shared // between multiple service clients. Additional configuration can be applied to // the Session and service's client when they are constructed. The aws package's // Config type contains several fields such as Region for the AWS Region the // client should make API requests too. The optional Config value can be provided // as the variadic argument for Sessions and client creation. // // Once the service's client is created you can use it to make API requests the // AWS service. These clients are safe to use concurrently. // // // Create a session to share configuration, and load external configuration. // sess := session.Must(session.NewSession()) // // // Create the service's client with the session. // svc := kms.New(sess) // // See the SDK's documentation for more information on how to use service clients. // https://docs.aws.amazon.com/sdk-for-go/api/ // // See aws package's Config type for more information on configuration options. // https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config // // See the AWS Key Management Service client KMS for more // information on creating the service's client. // https://docs.aws.amazon.com/sdk-for-go/api/service/kms/#New // // Once the client is created you can make an API request to the service. // Each API method takes a input parameter, and returns the service response // and an error. // // The API method will document which error codes the service can be returned // by the operation if the service models the API operation's errors. These // errors will also be available as const strings prefixed with "ErrCode". // // result, err := svc.CancelKeyDeletion(params) // if err != nil { // // Cast err to awserr.Error to handle specific error codes. // aerr, ok := err.(awserr.Error) // if ok && aerr.Code() == { // // Specific error code handling // } // return err // } // // fmt.Println("CancelKeyDeletion result:") // fmt.Println(result) // // Using the Client with Context // // The service's client also provides methods to make API requests with a Context // value. This allows you to control the timeout, and cancellation of pending // requests. These methods also take request Option as variadic parameter to apply // additional configuration to the API request. // // ctx := context.Background() // // result, err := svc.CancelKeyDeletionWithContext(ctx, params) // // See the request package documentation for more information on using Context pattern // with the SDK. // https://docs.aws.amazon.com/sdk-for-go/api/aws/request/ package kms