KMSProvider defines the interface for Key Management Service implementations
| 7 | |
| 8 | // KMSProvider defines the interface for Key Management Service implementations |
| 9 | type KMSProvider interface { |
| 10 | // GenerateDataKey creates a new data encryption key encrypted under the specified KMS key |
| 11 | GenerateDataKey(ctx context.Context, req *GenerateDataKeyRequest) (*GenerateDataKeyResponse, error) |
| 12 | |
| 13 | // Decrypt decrypts an encrypted data key using the KMS |
| 14 | Decrypt(ctx context.Context, req *DecryptRequest) (*DecryptResponse, error) |
| 15 | |
| 16 | // DescribeKey validates that a key exists and returns its metadata |
| 17 | DescribeKey(ctx context.Context, req *DescribeKeyRequest) (*DescribeKeyResponse, error) |
| 18 | |
| 19 | // GetKeyID resolves a key alias or ARN to the actual key ID |
| 20 | GetKeyID(ctx context.Context, keyIdentifier string) (string, error) |
| 21 | |
| 22 | // Close cleans up any resources used by the provider |
| 23 | Close() error |
| 24 | } |
| 25 | |
| 26 | // GenerateDataKeyRequest contains parameters for generating a data key |
| 27 | type GenerateDataKeyRequest struct { |
no outgoing calls
no test coverage detected