Kms-auto-decrypt NPM

node-kms-auto-decrypt

Install

npm install kms-auto-decrypt

Usage

First configure an AWS access and secret key. Then use aws kms encrypt to encrypt a JSON.stringifyed object containing secret values. For example, consider this object:

{
  "foo": {
    "two": {
      "b": "secret"
    },
    "three": "secret"
  }
}

After encrypting, you will have a CiphertextBlob. Insert this as a root key, kmsCiphertextBlob, in an object containing other non-encrypted values.

const kmsAutoDecrypt = require('kms-auto-decrypt');

const myConf = {
  kmsCiphertextBlob: 'encrypted-secrets',
  foo: {
    one: '1',
    two: {
      a: 'A'
    }
  }
};

kmsAutoDecrypt(myConf).then((decryptedConf) => { /* ... */ });

Now you can use decryptedConf which will contain both decrypted and plain (originally non-encrypted) values:

{
  foo: {
    one: '1',
    two: {
      a: 'A',
      b: 'secret'
    },
    three: 'secret'
  }
};

node aws kms

aws-sdk bluebird

@everything-registry/sub-chunk-2020 @zalastax/nolb-km @infinitebrahmanuniverse/nolb-km

1.0.1

7 years ago

1.0.0

7 years ago