的版本 4 (V4) 适用于 .NET 的 Amazon SDK 已经发布!
要开始使用新版本的 SDK,请参阅 适用于 .NET 的 Amazon SDK (V4) 开发者指南,尤其是迁移到版本 4 的主题。
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
Amazon KMS 使用示例 适用于 .NET 的 Amazon SDK
以下代码示例向您展示了如何使用with来执行操作和实现常见场景 Amazon KMS。 适用于 .NET 的 Amazon SDK
操作是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景的上下文查看操作。
每个示例都包含一个指向完整源代码的链接,您可以从中找到有关如何在上下文中设置和运行代码的说明。
主题
操作
以下代码示例演示了如何使用 CreateAlias。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// Creates an alias for an AWS Key Management Service (AWS KMS) key. /// </summary> public class CreateAlias { public static async Task Main() { var client = new AmazonKeyManagementServiceClient(); // The alias name must start with alias/ and can be // up to 256 alphanumeric characters long. var aliasName = "alias/ExampleAlias"; // The value supplied as the TargetKeyId can be either // the key ID or key Amazon Resource Name (ARN) of the // AWS KMS key. var keyId = "1234abcd-12ab-34cd-56ef-1234567890ab"; var request = new CreateAliasRequest { AliasName = aliasName, TargetKeyId = keyId, }; var response = await client.CreateAliasAsync(request); if (response.HttpStatusCode == System.Net.HttpStatusCode.OK) { Console.WriteLine($"Alias, {aliasName}, successfully created."); } else { Console.WriteLine($"Could not create alias."); } } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考CreateAlias中的。
-
以下代码示例演示了如何使用 CreateGrant。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 public static async Task Main() { var client = new AmazonKeyManagementServiceClient(); // The identity that is given permission to perform the operations // specified in the grant. var grantee = "arn:aws:iam::111122223333:role/ExampleRole"; // The identifier of the AWS KMS key to which the grant applies. You // can use the key ID or the Amazon Resource Name (ARN) of the KMS key. var keyId = "7c9eccc2-38cb-4c4f-9db3-766ee8dd3ad4"; var request = new CreateGrantRequest { GranteePrincipal = grantee, KeyId = keyId, // A list of operations that the grant allows. Operations = new List<string> { "Encrypt", "Decrypt", }, }; var response = await client.CreateGrantAsync(request); string grantId = response.GrantId; // The unique identifier of the grant. string grantToken = response.GrantToken; // The grant token. Console.WriteLine($"Id: {grantId}, Token: {grantToken}"); } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考CreateGrant中的。
-
以下代码示例演示了如何使用 CreateKey。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// Shows how to create a new AWS Key Management Service (AWS KMS) /// key. /// </summary> public class CreateKey { public static async Task Main() { // Note that if you need to create a Key in an AWS Region // other than the Region defined for the default user, you need to // pass the Region to the client constructor. var client = new AmazonKeyManagementServiceClient(); // The call to CreateKeyAsync will create a symmetrical AWS KMS // key. For more information about symmetrical and asymmetrical // keys, see: // // https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html var response = await client.CreateKeyAsync(new CreateKeyRequest()); // The KeyMetadata object contains information about the new AWS KMS key. KeyMetadata keyMetadata = response.KeyMetadata; if (keyMetadata is not null) { Console.WriteLine($"KMS Key: {keyMetadata.KeyId} was successfully created."); } else { Console.WriteLine("Could not create KMS Key."); } } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考CreateKey中的。
-
以下代码示例演示了如何使用 DescribeKey。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// Retrieve information about an AWS Key Management Service (AWS KMS) key. /// You can supply either the key Id or the key Amazon Resource Name (ARN) /// to the DescribeKeyRequest KeyId property. /// </summary> public class DescribeKey { public static async Task Main() { var keyId = "7c9eccc2-38cb-4c4f-9db3-766ee8dd3ad4"; var request = new DescribeKeyRequest { KeyId = keyId, }; var client = new AmazonKeyManagementServiceClient(); var response = await client.DescribeKeyAsync(request); var metadata = response.KeyMetadata; Console.WriteLine($"{metadata.KeyId} created on: {metadata.CreationDate}"); Console.WriteLine($"State: {metadata.KeyState}"); Console.WriteLine($"{metadata.Description}"); } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考DescribeKey中的。
-
以下代码示例演示了如何使用 DisableKey。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// Disable an AWS Key Management Service (AWS KMS) key and then retrieve /// the key's status to show that it has been disabled. /// </summary> public class DisableKey { public static async Task Main() { var client = new AmazonKeyManagementServiceClient(); // The identifier of the AWS KMS key to disable. You can use the // key Id or the Amazon Resource Name (ARN) of the AWS KMS key. var keyId = "1234abcd-12ab-34cd-56ef-1234567890ab"; var request = new DisableKeyRequest { KeyId = keyId, }; var response = await client.DisableKeyAsync(request); if (response.HttpStatusCode == System.Net.HttpStatusCode.OK) { // Retrieve information about the key to show that it has now // been disabled. var describeResponse = await client.DescribeKeyAsync(new DescribeKeyRequest { KeyId = keyId, }); Console.WriteLine($"{describeResponse.KeyMetadata.KeyId} - state: {describeResponse.KeyMetadata.KeyState}"); } } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考DisableKey中的。
-
以下代码示例演示了如何使用 EnableKey。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// Enable an AWS Key Management Service (AWS KMS) key. /// </summary> public class EnableKey { public static async Task Main() { var client = new AmazonKeyManagementServiceClient(); // The identifier of the AWS KMS key to enable. You can use the // key Id or the Amazon Resource Name (ARN) of the AWS KMS key. var keyId = "1234abcd-12ab-34cd-56ef-1234567890ab"; var request = new EnableKeyRequest { KeyId = keyId, }; var response = await client.EnableKeyAsync(request); if (response.HttpStatusCode == System.Net.HttpStatusCode.OK) { // Retrieve information about the key to show that it has now // been enabled. var describeResponse = await client.DescribeKeyAsync(new DescribeKeyRequest { KeyId = keyId, }); Console.WriteLine($"{describeResponse.KeyMetadata.KeyId} - state: {describeResponse.KeyMetadata.KeyState}"); } } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考EnableKey中的。
-
以下代码示例演示了如何使用 ListAliases。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// List the AWS Key Management Service (AWS KMS) aliases that have been defined for /// the keys in the same AWS Region as the default user. If you want to list /// the aliases in a different Region, pass the Region to the client /// constructor. /// </summary> public class ListAliases { public static async Task Main() { var client = new AmazonKeyManagementServiceClient(); var request = new ListAliasesRequest(); var response = new ListAliasesResponse(); do { response = await client.ListAliasesAsync(request); response.Aliases.ForEach(alias => { Console.WriteLine($"Created: {alias.CreationDate} Last Update: {alias.LastUpdatedDate} Name: {alias.AliasName}"); }); request.Marker = response.NextMarker; } while (response.Truncated); } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考ListAliases中的。
-
以下代码示例演示了如何使用 ListGrants。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// List the AWS Key Management Service (AWS KMS) grants that are associated with /// a specific key. /// </summary> public class ListGrants { public static async Task Main() { // The identifier of the AWS KMS key to disable. You can use the // key Id or the Amazon Resource Name (ARN) of the AWS KMS key. var keyId = "1234abcd-12ab-34cd-56ef-1234567890ab"; var client = new AmazonKeyManagementServiceClient(); var request = new ListGrantsRequest { KeyId = keyId, }; var response = new ListGrantsResponse(); do { response = await client.ListGrantsAsync(request); response.Grants.ForEach(grant => { Console.WriteLine($"{grant.GrantId}"); }); request.Marker = response.NextMarker; } while (response.Truncated); } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考ListGrants中的。
-
以下代码示例演示了如何使用 ListKeys。
- 适用于 .NET 的 Amazon SDK
-
注意
还有更多相关信息 GitHub。在 Amazon 代码示例存储库
中查找完整示例,了解如何进行设置和运行。 using System; using System.Threading.Tasks; using Amazon.KeyManagementService; using Amazon.KeyManagementService.Model; /// <summary> /// List the AWS Key Managements Service (AWS KMS) keys for the AWS Region /// of the default user. To list keys in another AWS Region, supply the Region /// as a parameter to the client constructor. /// </summary> public class ListKeys { public static async Task Main() { var client = new AmazonKeyManagementServiceClient(); var request = new ListKeysRequest(); var response = new ListKeysResponse(); do { response = await client.ListKeysAsync(request); response.Keys.ForEach(key => { Console.WriteLine($"ID: {key.KeyId}, {key.KeyArn}"); }); // Set the Marker property when response.Truncated is true // in order to get the next keys. request.Marker = response.NextMarker; } while (response.Truncated); } }-
有关 API 的详细信息,请参阅 适用于 .NET 的 Amazon SDK API 参考ListKeys中的。
-