在 AWS KMS 中创建 CMK - 适用于 Ruby 的 AWS 开发工具包
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门



以下示例使用 AWS SDK for Rubycreate_key 方法,该方法实现 CreateKey 操作来创建客户主密钥 (CMK)。由于此示例仅加密少量数据,CMK 适合我们的目的。对于大量数据,请使用 CMK 来加密数据加密密钥 (DEK)。

# Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. # # This file is licensed under the Apache License, Version 2.0 (the "License"). # You may not use this file except in compliance with the License. A copy of the # License is located at # # http://aws.amazon.com/apache2.0/ # # This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS # OF ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. require 'aws-sdk-kms' # v2: require 'aws-sdk' # Create a customer master key (CMK). # As long we are only encrypting small amounts of data (4 KiB or less) directly, # a CMK is fine for our purposes. # For larger amounts of data, # use the CMK to encrypt a data encryption key (DEK). client = Aws::KMS::Client.new resp = client.create_key({ tags: [ { tag_key: 'CreatedBy', tag_value: 'ExampleUser' }, ], }) puts resp.key_metadata.key_id

选择 Copy 将代码保存在本地。请参阅 上的完整示例GitHub。