Skip to content

ktonon/node-kms-auto-decrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits

lib

lib

 
 

test

test

 
 

.eslintignore

.eslintignore

 
 

.eslintrc

.eslintrc

 
 

.gitignore

.gitignore

 
 

.npmignore

.npmignore

 
 

LICENSE.txt

LICENSE.txt

 
 

README.md

README.md

 
 

package.json

package.json

 
 

Repository files navigation

node-kms-auto-decrypt

CircleCI

Install

npm install kms-auto-decrypt

Usage

First configure an AWS access and secret key. Then use aws kms encrypt to encrypt a JSON.stringifyed object containing secret values. For example, consider this object:

{
  "foo": {
    "two": {
      "b": "secret"
    },
    "three": "secret"
  }
}

After encrypting, you will have a CiphertextBlob. Insert this as a root key, kmsCiphertextBlob, in an object containing other non-encrypted values.

const kmsAutoDecrypt = require('kms-auto-decrypt');

const myConf = {
  kmsCiphertextBlob: 'encrypted-secrets',
  foo: {
    one: '1',
    two: {
      a: 'A'
    }
  }
};

kmsAutoDecrypt(myConf).then((decryptedConf) => { /* ... */ });

Now you can use decryptedConf which will contain both decrypted and plain (originally non-encrypted) values:

{
  foo: {
    one: '1',
    two: {
      a: 'A',
      b: 'secret'
    },
    three: 'secret'
  }
};

About

Scans an Object and auto decrypts for keys ending with Encrypted using AWS KMS

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages