AWS KMS Secrets retrieval promisified.
yarn add @asymmetrik/fhir-secrets
- You will need an AWS Account.
- You should have the CiphertextBlob you need to decrypt.
- You can authenticate with AWS.
Depending on where you are running this code, the setup portion may change. If you have a default AWS profile with region and everything else set, you can use the decrypt function as follows:
const secrets = ;// This is output when you encrypt a secret with kms//let CiphertextBlob = 'somefakeblobcontent=';// Lets assume this blob contains metadata for a plaintext secret with value foobarsecrets;
If you need to configure the setup process with region or other properties in the client class constructor, you can do so and chain the process.
const secrets = ;secrets;
See fhir-secrets tests for more usage examples.
Configures the service class with any AWS or service class specific configurations.
this so you can immediately call
decrypt after configuring it.
Wrapper on kms.decrypt but returns a promise which resolves the plain text of the secret.