1// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. 2 3package kms_test 4 5import ( 6 "fmt" 7 "strings" 8 "time" 9 10 "github.com/aws/aws-sdk-go/aws" 11 "github.com/aws/aws-sdk-go/aws/awserr" 12 "github.com/aws/aws-sdk-go/aws/session" 13 "github.com/aws/aws-sdk-go/service/kms" 14) 15 16var _ time.Duration 17var _ strings.Reader 18var _ aws.Config 19 20func parseTime(layout, value string) *time.Time { 21 t, err := time.Parse(layout, value) 22 if err != nil { 23 panic(err) 24 } 25 return &t 26} 27 28// To cancel deletion of a customer master key (CMK) 29// 30// The following example cancels deletion of the specified CMK. 31func ExampleKMS_CancelKeyDeletion_shared00() { 32 svc := kms.New(session.New()) 33 input := &kms.CancelKeyDeletionInput{ 34 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 35 } 36 37 result, err := svc.CancelKeyDeletion(input) 38 if err != nil { 39 if aerr, ok := err.(awserr.Error); ok { 40 switch aerr.Code() { 41 case kms.ErrCodeNotFoundException: 42 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 43 case kms.ErrCodeInvalidArnException: 44 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 45 case kms.ErrCodeDependencyTimeoutException: 46 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 47 case kms.ErrCodeInternalException: 48 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 49 case kms.ErrCodeInvalidStateException: 50 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 51 default: 52 fmt.Println(aerr.Error()) 53 } 54 } else { 55 // Print the error, cast err to awserr.Error to get the Code and 56 // Message from an error. 57 fmt.Println(err.Error()) 58 } 59 return 60 } 61 62 fmt.Println(result) 63} 64 65// To create an alias 66// 67// The following example creates an alias for the specified customer master key (CMK). 68func ExampleKMS_CreateAlias_shared00() { 69 svc := kms.New(session.New()) 70 input := &kms.CreateAliasInput{ 71 AliasName: aws.String("alias/ExampleAlias"), 72 TargetKeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 73 } 74 75 result, err := svc.CreateAlias(input) 76 if err != nil { 77 if aerr, ok := err.(awserr.Error); ok { 78 switch aerr.Code() { 79 case kms.ErrCodeDependencyTimeoutException: 80 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 81 case kms.ErrCodeAlreadyExistsException: 82 fmt.Println(kms.ErrCodeAlreadyExistsException, aerr.Error()) 83 case kms.ErrCodeNotFoundException: 84 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 85 case kms.ErrCodeInvalidAliasNameException: 86 fmt.Println(kms.ErrCodeInvalidAliasNameException, aerr.Error()) 87 case kms.ErrCodeInternalException: 88 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 89 case kms.ErrCodeLimitExceededException: 90 fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) 91 case kms.ErrCodeInvalidStateException: 92 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 93 default: 94 fmt.Println(aerr.Error()) 95 } 96 } else { 97 // Print the error, cast err to awserr.Error to get the Code and 98 // Message from an error. 99 fmt.Println(err.Error()) 100 } 101 return 102 } 103 104 fmt.Println(result) 105} 106 107// To create a grant 108// 109// The following example creates a grant that allows the specified IAM role to encrypt 110// data with the specified customer master key (CMK). 111func ExampleKMS_CreateGrant_shared00() { 112 svc := kms.New(session.New()) 113 input := &kms.CreateGrantInput{ 114 GranteePrincipal: aws.String("arn:aws:iam::111122223333:role/ExampleRole"), 115 KeyId: aws.String("arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab"), 116 Operations: []*string{ 117 aws.String("Encrypt"), 118 aws.String("Decrypt"), 119 }, 120 } 121 122 result, err := svc.CreateGrant(input) 123 if err != nil { 124 if aerr, ok := err.(awserr.Error); ok { 125 switch aerr.Code() { 126 case kms.ErrCodeNotFoundException: 127 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 128 case kms.ErrCodeDisabledException: 129 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 130 case kms.ErrCodeDependencyTimeoutException: 131 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 132 case kms.ErrCodeInvalidArnException: 133 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 134 case kms.ErrCodeInternalException: 135 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 136 case kms.ErrCodeInvalidGrantTokenException: 137 fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) 138 case kms.ErrCodeLimitExceededException: 139 fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) 140 case kms.ErrCodeInvalidStateException: 141 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 142 default: 143 fmt.Println(aerr.Error()) 144 } 145 } else { 146 // Print the error, cast err to awserr.Error to get the Code and 147 // Message from an error. 148 fmt.Println(err.Error()) 149 } 150 return 151 } 152 153 fmt.Println(result) 154} 155 156// To create a customer master key (CMK) 157// 158// The following example creates a CMK. 159func ExampleKMS_CreateKey_shared00() { 160 svc := kms.New(session.New()) 161 input := &kms.CreateKeyInput{ 162 Tags: []*kms.Tag{ 163 { 164 TagKey: aws.String("CreatedBy"), 165 TagValue: aws.String("ExampleUser"), 166 }, 167 }, 168 } 169 170 result, err := svc.CreateKey(input) 171 if err != nil { 172 if aerr, ok := err.(awserr.Error); ok { 173 switch aerr.Code() { 174 case kms.ErrCodeMalformedPolicyDocumentException: 175 fmt.Println(kms.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 176 case kms.ErrCodeDependencyTimeoutException: 177 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 178 case kms.ErrCodeInvalidArnException: 179 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 180 case kms.ErrCodeUnsupportedOperationException: 181 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 182 case kms.ErrCodeInternalException: 183 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 184 case kms.ErrCodeLimitExceededException: 185 fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) 186 case kms.ErrCodeTagException: 187 fmt.Println(kms.ErrCodeTagException, aerr.Error()) 188 default: 189 fmt.Println(aerr.Error()) 190 } 191 } else { 192 // Print the error, cast err to awserr.Error to get the Code and 193 // Message from an error. 194 fmt.Println(err.Error()) 195 } 196 return 197 } 198 199 fmt.Println(result) 200} 201 202// To decrypt data 203// 204// The following example decrypts data that was encrypted with a customer master key 205// (CMK) in AWS KMS. 206func ExampleKMS_Decrypt_shared00() { 207 svc := kms.New(session.New()) 208 input := &kms.DecryptInput{ 209 CiphertextBlob: []byte("<binary data>"), 210 } 211 212 result, err := svc.Decrypt(input) 213 if err != nil { 214 if aerr, ok := err.(awserr.Error); ok { 215 switch aerr.Code() { 216 case kms.ErrCodeNotFoundException: 217 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 218 case kms.ErrCodeDisabledException: 219 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 220 case kms.ErrCodeInvalidCiphertextException: 221 fmt.Println(kms.ErrCodeInvalidCiphertextException, aerr.Error()) 222 case kms.ErrCodeKeyUnavailableException: 223 fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) 224 case kms.ErrCodeDependencyTimeoutException: 225 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 226 case kms.ErrCodeInvalidGrantTokenException: 227 fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) 228 case kms.ErrCodeInternalException: 229 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 230 case kms.ErrCodeInvalidStateException: 231 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 232 default: 233 fmt.Println(aerr.Error()) 234 } 235 } else { 236 // Print the error, cast err to awserr.Error to get the Code and 237 // Message from an error. 238 fmt.Println(err.Error()) 239 } 240 return 241 } 242 243 fmt.Println(result) 244} 245 246// To delete an alias 247// 248// The following example deletes the specified alias. 249func ExampleKMS_DeleteAlias_shared00() { 250 svc := kms.New(session.New()) 251 input := &kms.DeleteAliasInput{ 252 AliasName: aws.String("alias/ExampleAlias"), 253 } 254 255 result, err := svc.DeleteAlias(input) 256 if err != nil { 257 if aerr, ok := err.(awserr.Error); ok { 258 switch aerr.Code() { 259 case kms.ErrCodeDependencyTimeoutException: 260 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 261 case kms.ErrCodeNotFoundException: 262 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 263 case kms.ErrCodeInternalException: 264 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 265 case kms.ErrCodeInvalidStateException: 266 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 267 default: 268 fmt.Println(aerr.Error()) 269 } 270 } else { 271 // Print the error, cast err to awserr.Error to get the Code and 272 // Message from an error. 273 fmt.Println(err.Error()) 274 } 275 return 276 } 277 278 fmt.Println(result) 279} 280 281// To delete imported key material 282// 283// The following example deletes the imported key material from the specified customer 284// master key (CMK). 285func ExampleKMS_DeleteImportedKeyMaterial_shared00() { 286 svc := kms.New(session.New()) 287 input := &kms.DeleteImportedKeyMaterialInput{ 288 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 289 } 290 291 result, err := svc.DeleteImportedKeyMaterial(input) 292 if err != nil { 293 if aerr, ok := err.(awserr.Error); ok { 294 switch aerr.Code() { 295 case kms.ErrCodeInvalidArnException: 296 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 297 case kms.ErrCodeUnsupportedOperationException: 298 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 299 case kms.ErrCodeDependencyTimeoutException: 300 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 301 case kms.ErrCodeNotFoundException: 302 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 303 case kms.ErrCodeInternalException: 304 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 305 case kms.ErrCodeInvalidStateException: 306 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 307 default: 308 fmt.Println(aerr.Error()) 309 } 310 } else { 311 // Print the error, cast err to awserr.Error to get the Code and 312 // Message from an error. 313 fmt.Println(err.Error()) 314 } 315 return 316 } 317 318 fmt.Println(result) 319} 320 321// To obtain information about a customer master key (CMK) 322// 323// The following example returns information (metadata) about the specified CMK. 324func ExampleKMS_DescribeKey_shared00() { 325 svc := kms.New(session.New()) 326 input := &kms.DescribeKeyInput{ 327 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 328 } 329 330 result, err := svc.DescribeKey(input) 331 if err != nil { 332 if aerr, ok := err.(awserr.Error); ok { 333 switch aerr.Code() { 334 case kms.ErrCodeNotFoundException: 335 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 336 case kms.ErrCodeInvalidArnException: 337 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 338 case kms.ErrCodeDependencyTimeoutException: 339 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 340 case kms.ErrCodeInternalException: 341 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 342 default: 343 fmt.Println(aerr.Error()) 344 } 345 } else { 346 // Print the error, cast err to awserr.Error to get the Code and 347 // Message from an error. 348 fmt.Println(err.Error()) 349 } 350 return 351 } 352 353 fmt.Println(result) 354} 355 356// To disable a customer master key (CMK) 357// 358// The following example disables the specified CMK. 359func ExampleKMS_DisableKey_shared00() { 360 svc := kms.New(session.New()) 361 input := &kms.DisableKeyInput{ 362 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 363 } 364 365 result, err := svc.DisableKey(input) 366 if err != nil { 367 if aerr, ok := err.(awserr.Error); ok { 368 switch aerr.Code() { 369 case kms.ErrCodeNotFoundException: 370 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 371 case kms.ErrCodeInvalidArnException: 372 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 373 case kms.ErrCodeDependencyTimeoutException: 374 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 375 case kms.ErrCodeInternalException: 376 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 377 case kms.ErrCodeInvalidStateException: 378 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 379 default: 380 fmt.Println(aerr.Error()) 381 } 382 } else { 383 // Print the error, cast err to awserr.Error to get the Code and 384 // Message from an error. 385 fmt.Println(err.Error()) 386 } 387 return 388 } 389 390 fmt.Println(result) 391} 392 393// To disable automatic rotation of key material 394// 395// The following example disables automatic annual rotation of the key material for 396// the specified CMK. 397func ExampleKMS_DisableKeyRotation_shared00() { 398 svc := kms.New(session.New()) 399 input := &kms.DisableKeyRotationInput{ 400 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 401 } 402 403 result, err := svc.DisableKeyRotation(input) 404 if err != nil { 405 if aerr, ok := err.(awserr.Error); ok { 406 switch aerr.Code() { 407 case kms.ErrCodeNotFoundException: 408 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 409 case kms.ErrCodeDisabledException: 410 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 411 case kms.ErrCodeInvalidArnException: 412 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 413 case kms.ErrCodeDependencyTimeoutException: 414 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 415 case kms.ErrCodeInternalException: 416 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 417 case kms.ErrCodeInvalidStateException: 418 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 419 case kms.ErrCodeUnsupportedOperationException: 420 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 421 default: 422 fmt.Println(aerr.Error()) 423 } 424 } else { 425 // Print the error, cast err to awserr.Error to get the Code and 426 // Message from an error. 427 fmt.Println(err.Error()) 428 } 429 return 430 } 431 432 fmt.Println(result) 433} 434 435// To enable a customer master key (CMK) 436// 437// The following example enables the specified CMK. 438func ExampleKMS_EnableKey_shared00() { 439 svc := kms.New(session.New()) 440 input := &kms.EnableKeyInput{ 441 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 442 } 443 444 result, err := svc.EnableKey(input) 445 if err != nil { 446 if aerr, ok := err.(awserr.Error); ok { 447 switch aerr.Code() { 448 case kms.ErrCodeNotFoundException: 449 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 450 case kms.ErrCodeInvalidArnException: 451 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 452 case kms.ErrCodeDependencyTimeoutException: 453 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 454 case kms.ErrCodeInternalException: 455 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 456 case kms.ErrCodeLimitExceededException: 457 fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) 458 case kms.ErrCodeInvalidStateException: 459 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 460 default: 461 fmt.Println(aerr.Error()) 462 } 463 } else { 464 // Print the error, cast err to awserr.Error to get the Code and 465 // Message from an error. 466 fmt.Println(err.Error()) 467 } 468 return 469 } 470 471 fmt.Println(result) 472} 473 474// To enable automatic rotation of key material 475// 476// The following example enables automatic annual rotation of the key material for the 477// specified CMK. 478func ExampleKMS_EnableKeyRotation_shared00() { 479 svc := kms.New(session.New()) 480 input := &kms.EnableKeyRotationInput{ 481 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 482 } 483 484 result, err := svc.EnableKeyRotation(input) 485 if err != nil { 486 if aerr, ok := err.(awserr.Error); ok { 487 switch aerr.Code() { 488 case kms.ErrCodeNotFoundException: 489 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 490 case kms.ErrCodeDisabledException: 491 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 492 case kms.ErrCodeInvalidArnException: 493 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 494 case kms.ErrCodeDependencyTimeoutException: 495 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 496 case kms.ErrCodeInternalException: 497 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 498 case kms.ErrCodeInvalidStateException: 499 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 500 case kms.ErrCodeUnsupportedOperationException: 501 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 502 default: 503 fmt.Println(aerr.Error()) 504 } 505 } else { 506 // Print the error, cast err to awserr.Error to get the Code and 507 // Message from an error. 508 fmt.Println(err.Error()) 509 } 510 return 511 } 512 513 fmt.Println(result) 514} 515 516// To encrypt data 517// 518// The following example encrypts data with the specified customer master key (CMK). 519func ExampleKMS_Encrypt_shared00() { 520 svc := kms.New(session.New()) 521 input := &kms.EncryptInput{ 522 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 523 Plaintext: []byte("<binary data>"), 524 } 525 526 result, err := svc.Encrypt(input) 527 if err != nil { 528 if aerr, ok := err.(awserr.Error); ok { 529 switch aerr.Code() { 530 case kms.ErrCodeNotFoundException: 531 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 532 case kms.ErrCodeDisabledException: 533 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 534 case kms.ErrCodeKeyUnavailableException: 535 fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) 536 case kms.ErrCodeDependencyTimeoutException: 537 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 538 case kms.ErrCodeInvalidKeyUsageException: 539 fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) 540 case kms.ErrCodeInvalidGrantTokenException: 541 fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) 542 case kms.ErrCodeInternalException: 543 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 544 case kms.ErrCodeInvalidStateException: 545 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 546 default: 547 fmt.Println(aerr.Error()) 548 } 549 } else { 550 // Print the error, cast err to awserr.Error to get the Code and 551 // Message from an error. 552 fmt.Println(err.Error()) 553 } 554 return 555 } 556 557 fmt.Println(result) 558} 559 560// To generate a data key 561// 562// The following example generates a 256-bit symmetric data encryption key (data key) 563// in two formats. One is the unencrypted (plainext) data key, and the other is the 564// data key encrypted with the specified customer master key (CMK). 565func ExampleKMS_GenerateDataKey_shared00() { 566 svc := kms.New(session.New()) 567 input := &kms.GenerateDataKeyInput{ 568 KeyId: aws.String("alias/ExampleAlias"), 569 KeySpec: aws.String("AES_256"), 570 } 571 572 result, err := svc.GenerateDataKey(input) 573 if err != nil { 574 if aerr, ok := err.(awserr.Error); ok { 575 switch aerr.Code() { 576 case kms.ErrCodeNotFoundException: 577 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 578 case kms.ErrCodeDisabledException: 579 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 580 case kms.ErrCodeKeyUnavailableException: 581 fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) 582 case kms.ErrCodeDependencyTimeoutException: 583 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 584 case kms.ErrCodeInvalidKeyUsageException: 585 fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) 586 case kms.ErrCodeInvalidGrantTokenException: 587 fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) 588 case kms.ErrCodeInternalException: 589 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 590 case kms.ErrCodeInvalidStateException: 591 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 592 default: 593 fmt.Println(aerr.Error()) 594 } 595 } else { 596 // Print the error, cast err to awserr.Error to get the Code and 597 // Message from an error. 598 fmt.Println(err.Error()) 599 } 600 return 601 } 602 603 fmt.Println(result) 604} 605 606// To generate an encrypted data key 607// 608// The following example generates an encrypted copy of a 256-bit symmetric data encryption 609// key (data key). The data key is encrypted with the specified customer master key 610// (CMK). 611func ExampleKMS_GenerateDataKeyWithoutPlaintext_shared00() { 612 svc := kms.New(session.New()) 613 input := &kms.GenerateDataKeyWithoutPlaintextInput{ 614 KeyId: aws.String("alias/ExampleAlias"), 615 KeySpec: aws.String("AES_256"), 616 } 617 618 result, err := svc.GenerateDataKeyWithoutPlaintext(input) 619 if err != nil { 620 if aerr, ok := err.(awserr.Error); ok { 621 switch aerr.Code() { 622 case kms.ErrCodeNotFoundException: 623 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 624 case kms.ErrCodeDisabledException: 625 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 626 case kms.ErrCodeKeyUnavailableException: 627 fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) 628 case kms.ErrCodeDependencyTimeoutException: 629 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 630 case kms.ErrCodeInvalidKeyUsageException: 631 fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) 632 case kms.ErrCodeInvalidGrantTokenException: 633 fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) 634 case kms.ErrCodeInternalException: 635 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 636 case kms.ErrCodeInvalidStateException: 637 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 638 default: 639 fmt.Println(aerr.Error()) 640 } 641 } else { 642 // Print the error, cast err to awserr.Error to get the Code and 643 // Message from an error. 644 fmt.Println(err.Error()) 645 } 646 return 647 } 648 649 fmt.Println(result) 650} 651 652// To generate random data 653// 654// The following example uses AWS KMS to generate 32 bytes of random data. 655func ExampleKMS_GenerateRandom_shared00() { 656 svc := kms.New(session.New()) 657 input := &kms.GenerateRandomInput{ 658 NumberOfBytes: aws.Int64(32), 659 } 660 661 result, err := svc.GenerateRandom(input) 662 if err != nil { 663 if aerr, ok := err.(awserr.Error); ok { 664 switch aerr.Code() { 665 case kms.ErrCodeDependencyTimeoutException: 666 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 667 case kms.ErrCodeInternalException: 668 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 669 default: 670 fmt.Println(aerr.Error()) 671 } 672 } else { 673 // Print the error, cast err to awserr.Error to get the Code and 674 // Message from an error. 675 fmt.Println(err.Error()) 676 } 677 return 678 } 679 680 fmt.Println(result) 681} 682 683// To retrieve a key policy 684// 685// The following example retrieves the key policy for the specified customer master 686// key (CMK). 687func ExampleKMS_GetKeyPolicy_shared00() { 688 svc := kms.New(session.New()) 689 input := &kms.GetKeyPolicyInput{ 690 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 691 PolicyName: aws.String("default"), 692 } 693 694 result, err := svc.GetKeyPolicy(input) 695 if err != nil { 696 if aerr, ok := err.(awserr.Error); ok { 697 switch aerr.Code() { 698 case kms.ErrCodeNotFoundException: 699 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 700 case kms.ErrCodeInvalidArnException: 701 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 702 case kms.ErrCodeDependencyTimeoutException: 703 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 704 case kms.ErrCodeInternalException: 705 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 706 case kms.ErrCodeInvalidStateException: 707 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 708 default: 709 fmt.Println(aerr.Error()) 710 } 711 } else { 712 // Print the error, cast err to awserr.Error to get the Code and 713 // Message from an error. 714 fmt.Println(err.Error()) 715 } 716 return 717 } 718 719 fmt.Println(result) 720} 721 722// To retrieve the rotation status for a customer master key (CMK) 723// 724// The following example retrieves the status of automatic annual rotation of the key 725// material for the specified CMK. 726func ExampleKMS_GetKeyRotationStatus_shared00() { 727 svc := kms.New(session.New()) 728 input := &kms.GetKeyRotationStatusInput{ 729 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 730 } 731 732 result, err := svc.GetKeyRotationStatus(input) 733 if err != nil { 734 if aerr, ok := err.(awserr.Error); ok { 735 switch aerr.Code() { 736 case kms.ErrCodeNotFoundException: 737 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 738 case kms.ErrCodeInvalidArnException: 739 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 740 case kms.ErrCodeDependencyTimeoutException: 741 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 742 case kms.ErrCodeInternalException: 743 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 744 case kms.ErrCodeInvalidStateException: 745 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 746 case kms.ErrCodeUnsupportedOperationException: 747 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 748 default: 749 fmt.Println(aerr.Error()) 750 } 751 } else { 752 // Print the error, cast err to awserr.Error to get the Code and 753 // Message from an error. 754 fmt.Println(err.Error()) 755 } 756 return 757 } 758 759 fmt.Println(result) 760} 761 762// To retrieve the public key and import token for a customer master key (CMK) 763// 764// The following example retrieves the public key and import token for the specified 765// CMK. 766func ExampleKMS_GetParametersForImport_shared00() { 767 svc := kms.New(session.New()) 768 input := &kms.GetParametersForImportInput{ 769 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 770 WrappingAlgorithm: aws.String("RSAES_OAEP_SHA_1"), 771 WrappingKeySpec: aws.String("RSA_2048"), 772 } 773 774 result, err := svc.GetParametersForImport(input) 775 if err != nil { 776 if aerr, ok := err.(awserr.Error); ok { 777 switch aerr.Code() { 778 case kms.ErrCodeInvalidArnException: 779 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 780 case kms.ErrCodeUnsupportedOperationException: 781 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 782 case kms.ErrCodeDependencyTimeoutException: 783 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 784 case kms.ErrCodeNotFoundException: 785 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 786 case kms.ErrCodeInternalException: 787 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 788 case kms.ErrCodeInvalidStateException: 789 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 790 default: 791 fmt.Println(aerr.Error()) 792 } 793 } else { 794 // Print the error, cast err to awserr.Error to get the Code and 795 // Message from an error. 796 fmt.Println(err.Error()) 797 } 798 return 799 } 800 801 fmt.Println(result) 802} 803 804// To import key material into a customer master key (CMK) 805// 806// The following example imports key material into the specified CMK. 807func ExampleKMS_ImportKeyMaterial_shared00() { 808 svc := kms.New(session.New()) 809 input := &kms.ImportKeyMaterialInput{ 810 EncryptedKeyMaterial: []byte("<binary data>"), 811 ExpirationModel: aws.String("KEY_MATERIAL_DOES_NOT_EXPIRE"), 812 ImportToken: []byte("<binary data>"), 813 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 814 } 815 816 result, err := svc.ImportKeyMaterial(input) 817 if err != nil { 818 if aerr, ok := err.(awserr.Error); ok { 819 switch aerr.Code() { 820 case kms.ErrCodeInvalidArnException: 821 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 822 case kms.ErrCodeUnsupportedOperationException: 823 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 824 case kms.ErrCodeDependencyTimeoutException: 825 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 826 case kms.ErrCodeNotFoundException: 827 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 828 case kms.ErrCodeInternalException: 829 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 830 case kms.ErrCodeInvalidStateException: 831 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 832 case kms.ErrCodeInvalidCiphertextException: 833 fmt.Println(kms.ErrCodeInvalidCiphertextException, aerr.Error()) 834 case kms.ErrCodeIncorrectKeyMaterialException: 835 fmt.Println(kms.ErrCodeIncorrectKeyMaterialException, aerr.Error()) 836 case kms.ErrCodeExpiredImportTokenException: 837 fmt.Println(kms.ErrCodeExpiredImportTokenException, aerr.Error()) 838 case kms.ErrCodeInvalidImportTokenException: 839 fmt.Println(kms.ErrCodeInvalidImportTokenException, aerr.Error()) 840 default: 841 fmt.Println(aerr.Error()) 842 } 843 } else { 844 // Print the error, cast err to awserr.Error to get the Code and 845 // Message from an error. 846 fmt.Println(err.Error()) 847 } 848 return 849 } 850 851 fmt.Println(result) 852} 853 854// To list aliases 855// 856// The following example lists aliases. 857func ExampleKMS_ListAliases_shared00() { 858 svc := kms.New(session.New()) 859 input := &kms.ListAliasesInput{} 860 861 result, err := svc.ListAliases(input) 862 if err != nil { 863 if aerr, ok := err.(awserr.Error); ok { 864 switch aerr.Code() { 865 case kms.ErrCodeDependencyTimeoutException: 866 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 867 case kms.ErrCodeInvalidMarkerException: 868 fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) 869 case kms.ErrCodeInternalException: 870 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 871 default: 872 fmt.Println(aerr.Error()) 873 } 874 } else { 875 // Print the error, cast err to awserr.Error to get the Code and 876 // Message from an error. 877 fmt.Println(err.Error()) 878 } 879 return 880 } 881 882 fmt.Println(result) 883} 884 885// To list grants for a customer master key (CMK) 886// 887// The following example lists grants for the specified CMK. 888func ExampleKMS_ListGrants_shared00() { 889 svc := kms.New(session.New()) 890 input := &kms.ListGrantsInput{ 891 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 892 } 893 894 result, err := svc.ListGrants(input) 895 if err != nil { 896 if aerr, ok := err.(awserr.Error); ok { 897 switch aerr.Code() { 898 case kms.ErrCodeNotFoundException: 899 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 900 case kms.ErrCodeDependencyTimeoutException: 901 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 902 case kms.ErrCodeInvalidMarkerException: 903 fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) 904 case kms.ErrCodeInvalidArnException: 905 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 906 case kms.ErrCodeInternalException: 907 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 908 case kms.ErrCodeInvalidStateException: 909 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 910 default: 911 fmt.Println(aerr.Error()) 912 } 913 } else { 914 // Print the error, cast err to awserr.Error to get the Code and 915 // Message from an error. 916 fmt.Println(err.Error()) 917 } 918 return 919 } 920 921 fmt.Println(result) 922} 923 924// To list key policies for a customer master key (CMK) 925// 926// The following example lists key policies for the specified CMK. 927func ExampleKMS_ListKeyPolicies_shared00() { 928 svc := kms.New(session.New()) 929 input := &kms.ListKeyPoliciesInput{ 930 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 931 } 932 933 result, err := svc.ListKeyPolicies(input) 934 if err != nil { 935 if aerr, ok := err.(awserr.Error); ok { 936 switch aerr.Code() { 937 case kms.ErrCodeNotFoundException: 938 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 939 case kms.ErrCodeInvalidArnException: 940 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 941 case kms.ErrCodeDependencyTimeoutException: 942 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 943 case kms.ErrCodeInternalException: 944 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 945 case kms.ErrCodeInvalidStateException: 946 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 947 default: 948 fmt.Println(aerr.Error()) 949 } 950 } else { 951 // Print the error, cast err to awserr.Error to get the Code and 952 // Message from an error. 953 fmt.Println(err.Error()) 954 } 955 return 956 } 957 958 fmt.Println(result) 959} 960 961// To list customer master keys (CMKs) 962// 963// The following example lists CMKs. 964func ExampleKMS_ListKeys_shared00() { 965 svc := kms.New(session.New()) 966 input := &kms.ListKeysInput{} 967 968 result, err := svc.ListKeys(input) 969 if err != nil { 970 if aerr, ok := err.(awserr.Error); ok { 971 switch aerr.Code() { 972 case kms.ErrCodeDependencyTimeoutException: 973 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 974 case kms.ErrCodeInternalException: 975 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 976 case kms.ErrCodeInvalidMarkerException: 977 fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) 978 default: 979 fmt.Println(aerr.Error()) 980 } 981 } else { 982 // Print the error, cast err to awserr.Error to get the Code and 983 // Message from an error. 984 fmt.Println(err.Error()) 985 } 986 return 987 } 988 989 fmt.Println(result) 990} 991 992// To list tags for a customer master key (CMK) 993// 994// The following example lists tags for a CMK. 995func ExampleKMS_ListResourceTags_shared00() { 996 svc := kms.New(session.New()) 997 input := &kms.ListResourceTagsInput{ 998 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 999 } 1000 1001 result, err := svc.ListResourceTags(input) 1002 if err != nil { 1003 if aerr, ok := err.(awserr.Error); ok { 1004 switch aerr.Code() { 1005 case kms.ErrCodeInternalException: 1006 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1007 case kms.ErrCodeNotFoundException: 1008 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1009 case kms.ErrCodeInvalidArnException: 1010 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1011 case kms.ErrCodeInvalidMarkerException: 1012 fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) 1013 default: 1014 fmt.Println(aerr.Error()) 1015 } 1016 } else { 1017 // Print the error, cast err to awserr.Error to get the Code and 1018 // Message from an error. 1019 fmt.Println(err.Error()) 1020 } 1021 return 1022 } 1023 1024 fmt.Println(result) 1025} 1026 1027// To list grants that the specified principal can retire 1028// 1029// The following example lists the grants that the specified principal (identity) can 1030// retire. 1031func ExampleKMS_ListRetirableGrants_shared00() { 1032 svc := kms.New(session.New()) 1033 input := &kms.ListRetirableGrantsInput{ 1034 RetiringPrincipal: aws.String("arn:aws:iam::111122223333:role/ExampleRole"), 1035 } 1036 1037 result, err := svc.ListRetirableGrants(input) 1038 if err != nil { 1039 if aerr, ok := err.(awserr.Error); ok { 1040 switch aerr.Code() { 1041 case kms.ErrCodeDependencyTimeoutException: 1042 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1043 case kms.ErrCodeInvalidMarkerException: 1044 fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) 1045 case kms.ErrCodeInvalidArnException: 1046 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1047 case kms.ErrCodeNotFoundException: 1048 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1049 case kms.ErrCodeInternalException: 1050 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1051 default: 1052 fmt.Println(aerr.Error()) 1053 } 1054 } else { 1055 // Print the error, cast err to awserr.Error to get the Code and 1056 // Message from an error. 1057 fmt.Println(err.Error()) 1058 } 1059 return 1060 } 1061 1062 fmt.Println(result) 1063} 1064 1065// To attach a key policy to a customer master key (CMK) 1066// 1067// The following example attaches a key policy to the specified CMK. 1068func ExampleKMS_PutKeyPolicy_shared00() { 1069 svc := kms.New(session.New()) 1070 input := &kms.PutKeyPolicyInput{ 1071 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 1072 Policy: aws.String("{\n \"Version\": \"2012-10-17\",\n \"Id\": \"custom-policy-2016-12-07\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:root\"\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow access for Key Administrators\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": [\n \"arn:aws:iam::111122223333:user/ExampleAdminUser\",\n \"arn:aws:iam::111122223333:role/ExampleAdminRole\"\n ]\n },\n \"Action\": [\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n },\n \"Action\": [\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey*\",\n \"kms:DescribeKey\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow attachment of persistent resources\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n },\n \"Action\": [\n \"kms:CreateGrant\",\n \"kms:ListGrants\",\n \"kms:RevokeGrant\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\"\n }\n }\n }\n ]\n}\n"), 1073 PolicyName: aws.String("default"), 1074 } 1075 1076 result, err := svc.PutKeyPolicy(input) 1077 if err != nil { 1078 if aerr, ok := err.(awserr.Error); ok { 1079 switch aerr.Code() { 1080 case kms.ErrCodeNotFoundException: 1081 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1082 case kms.ErrCodeInvalidArnException: 1083 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1084 case kms.ErrCodeMalformedPolicyDocumentException: 1085 fmt.Println(kms.ErrCodeMalformedPolicyDocumentException, aerr.Error()) 1086 case kms.ErrCodeDependencyTimeoutException: 1087 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1088 case kms.ErrCodeUnsupportedOperationException: 1089 fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) 1090 case kms.ErrCodeInternalException: 1091 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1092 case kms.ErrCodeLimitExceededException: 1093 fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) 1094 case kms.ErrCodeInvalidStateException: 1095 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1096 default: 1097 fmt.Println(aerr.Error()) 1098 } 1099 } else { 1100 // Print the error, cast err to awserr.Error to get the Code and 1101 // Message from an error. 1102 fmt.Println(err.Error()) 1103 } 1104 return 1105 } 1106 1107 fmt.Println(result) 1108} 1109 1110// To reencrypt data 1111// 1112// The following example reencrypts data with the specified CMK. 1113func ExampleKMS_ReEncrypt_shared00() { 1114 svc := kms.New(session.New()) 1115 input := &kms.ReEncryptInput{ 1116 CiphertextBlob: []byte("<binary data>"), 1117 DestinationKeyId: aws.String("0987dcba-09fe-87dc-65ba-ab0987654321"), 1118 } 1119 1120 result, err := svc.ReEncrypt(input) 1121 if err != nil { 1122 if aerr, ok := err.(awserr.Error); ok { 1123 switch aerr.Code() { 1124 case kms.ErrCodeNotFoundException: 1125 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1126 case kms.ErrCodeDisabledException: 1127 fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) 1128 case kms.ErrCodeInvalidCiphertextException: 1129 fmt.Println(kms.ErrCodeInvalidCiphertextException, aerr.Error()) 1130 case kms.ErrCodeKeyUnavailableException: 1131 fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) 1132 case kms.ErrCodeDependencyTimeoutException: 1133 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1134 case kms.ErrCodeInvalidKeyUsageException: 1135 fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) 1136 case kms.ErrCodeInvalidGrantTokenException: 1137 fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) 1138 case kms.ErrCodeInternalException: 1139 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1140 case kms.ErrCodeInvalidStateException: 1141 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1142 default: 1143 fmt.Println(aerr.Error()) 1144 } 1145 } else { 1146 // Print the error, cast err to awserr.Error to get the Code and 1147 // Message from an error. 1148 fmt.Println(err.Error()) 1149 } 1150 return 1151 } 1152 1153 fmt.Println(result) 1154} 1155 1156// To retire a grant 1157// 1158// The following example retires a grant. 1159func ExampleKMS_RetireGrant_shared00() { 1160 svc := kms.New(session.New()) 1161 input := &kms.RetireGrantInput{ 1162 GrantId: aws.String("0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60"), 1163 KeyId: aws.String("arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab"), 1164 } 1165 1166 result, err := svc.RetireGrant(input) 1167 if err != nil { 1168 if aerr, ok := err.(awserr.Error); ok { 1169 switch aerr.Code() { 1170 case kms.ErrCodeInvalidArnException: 1171 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1172 case kms.ErrCodeInvalidGrantTokenException: 1173 fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) 1174 case kms.ErrCodeInvalidGrantIdException: 1175 fmt.Println(kms.ErrCodeInvalidGrantIdException, aerr.Error()) 1176 case kms.ErrCodeNotFoundException: 1177 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1178 case kms.ErrCodeDependencyTimeoutException: 1179 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1180 case kms.ErrCodeInternalException: 1181 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1182 case kms.ErrCodeInvalidStateException: 1183 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1184 default: 1185 fmt.Println(aerr.Error()) 1186 } 1187 } else { 1188 // Print the error, cast err to awserr.Error to get the Code and 1189 // Message from an error. 1190 fmt.Println(err.Error()) 1191 } 1192 return 1193 } 1194 1195 fmt.Println(result) 1196} 1197 1198// To revoke a grant 1199// 1200// The following example revokes a grant. 1201func ExampleKMS_RevokeGrant_shared00() { 1202 svc := kms.New(session.New()) 1203 input := &kms.RevokeGrantInput{ 1204 GrantId: aws.String("0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60"), 1205 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 1206 } 1207 1208 result, err := svc.RevokeGrant(input) 1209 if err != nil { 1210 if aerr, ok := err.(awserr.Error); ok { 1211 switch aerr.Code() { 1212 case kms.ErrCodeNotFoundException: 1213 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1214 case kms.ErrCodeDependencyTimeoutException: 1215 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1216 case kms.ErrCodeInvalidArnException: 1217 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1218 case kms.ErrCodeInvalidGrantIdException: 1219 fmt.Println(kms.ErrCodeInvalidGrantIdException, aerr.Error()) 1220 case kms.ErrCodeInternalException: 1221 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1222 case kms.ErrCodeInvalidStateException: 1223 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1224 default: 1225 fmt.Println(aerr.Error()) 1226 } 1227 } else { 1228 // Print the error, cast err to awserr.Error to get the Code and 1229 // Message from an error. 1230 fmt.Println(err.Error()) 1231 } 1232 return 1233 } 1234 1235 fmt.Println(result) 1236} 1237 1238// To schedule a customer master key (CMK) for deletion 1239// 1240// The following example schedules the specified CMK for deletion. 1241func ExampleKMS_ScheduleKeyDeletion_shared00() { 1242 svc := kms.New(session.New()) 1243 input := &kms.ScheduleKeyDeletionInput{ 1244 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 1245 PendingWindowInDays: aws.Int64(7), 1246 } 1247 1248 result, err := svc.ScheduleKeyDeletion(input) 1249 if err != nil { 1250 if aerr, ok := err.(awserr.Error); ok { 1251 switch aerr.Code() { 1252 case kms.ErrCodeNotFoundException: 1253 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1254 case kms.ErrCodeInvalidArnException: 1255 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1256 case kms.ErrCodeDependencyTimeoutException: 1257 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1258 case kms.ErrCodeInternalException: 1259 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1260 case kms.ErrCodeInvalidStateException: 1261 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1262 default: 1263 fmt.Println(aerr.Error()) 1264 } 1265 } else { 1266 // Print the error, cast err to awserr.Error to get the Code and 1267 // Message from an error. 1268 fmt.Println(err.Error()) 1269 } 1270 return 1271 } 1272 1273 fmt.Println(result) 1274} 1275 1276// To tag a customer master key (CMK) 1277// 1278// The following example tags a CMK. 1279func ExampleKMS_TagResource_shared00() { 1280 svc := kms.New(session.New()) 1281 input := &kms.TagResourceInput{ 1282 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 1283 Tags: []*kms.Tag{ 1284 { 1285 TagKey: aws.String("Purpose"), 1286 TagValue: aws.String("Test"), 1287 }, 1288 }, 1289 } 1290 1291 result, err := svc.TagResource(input) 1292 if err != nil { 1293 if aerr, ok := err.(awserr.Error); ok { 1294 switch aerr.Code() { 1295 case kms.ErrCodeInternalException: 1296 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1297 case kms.ErrCodeNotFoundException: 1298 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1299 case kms.ErrCodeInvalidArnException: 1300 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1301 case kms.ErrCodeInvalidStateException: 1302 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1303 case kms.ErrCodeLimitExceededException: 1304 fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) 1305 case kms.ErrCodeTagException: 1306 fmt.Println(kms.ErrCodeTagException, aerr.Error()) 1307 default: 1308 fmt.Println(aerr.Error()) 1309 } 1310 } else { 1311 // Print the error, cast err to awserr.Error to get the Code and 1312 // Message from an error. 1313 fmt.Println(err.Error()) 1314 } 1315 return 1316 } 1317 1318 fmt.Println(result) 1319} 1320 1321// To remove tags from a customer master key (CMK) 1322// 1323// The following example removes tags from a CMK. 1324func ExampleKMS_UntagResource_shared00() { 1325 svc := kms.New(session.New()) 1326 input := &kms.UntagResourceInput{ 1327 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 1328 TagKeys: []*string{ 1329 aws.String("Purpose"), 1330 aws.String("CostCenter"), 1331 }, 1332 } 1333 1334 result, err := svc.UntagResource(input) 1335 if err != nil { 1336 if aerr, ok := err.(awserr.Error); ok { 1337 switch aerr.Code() { 1338 case kms.ErrCodeInternalException: 1339 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1340 case kms.ErrCodeNotFoundException: 1341 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1342 case kms.ErrCodeInvalidArnException: 1343 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1344 case kms.ErrCodeInvalidStateException: 1345 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1346 case kms.ErrCodeTagException: 1347 fmt.Println(kms.ErrCodeTagException, aerr.Error()) 1348 default: 1349 fmt.Println(aerr.Error()) 1350 } 1351 } else { 1352 // Print the error, cast err to awserr.Error to get the Code and 1353 // Message from an error. 1354 fmt.Println(err.Error()) 1355 } 1356 return 1357 } 1358 1359 fmt.Println(result) 1360} 1361 1362// To update an alias 1363// 1364// The following example updates the specified alias to refer to the specified customer 1365// master key (CMK). 1366func ExampleKMS_UpdateAlias_shared00() { 1367 svc := kms.New(session.New()) 1368 input := &kms.UpdateAliasInput{ 1369 AliasName: aws.String("alias/ExampleAlias"), 1370 TargetKeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 1371 } 1372 1373 result, err := svc.UpdateAlias(input) 1374 if err != nil { 1375 if aerr, ok := err.(awserr.Error); ok { 1376 switch aerr.Code() { 1377 case kms.ErrCodeDependencyTimeoutException: 1378 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1379 case kms.ErrCodeNotFoundException: 1380 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1381 case kms.ErrCodeInternalException: 1382 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1383 case kms.ErrCodeInvalidStateException: 1384 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1385 default: 1386 fmt.Println(aerr.Error()) 1387 } 1388 } else { 1389 // Print the error, cast err to awserr.Error to get the Code and 1390 // Message from an error. 1391 fmt.Println(err.Error()) 1392 } 1393 return 1394 } 1395 1396 fmt.Println(result) 1397} 1398 1399// To update the description of a customer master key (CMK) 1400// 1401// The following example updates the description of the specified CMK. 1402func ExampleKMS_UpdateKeyDescription_shared00() { 1403 svc := kms.New(session.New()) 1404 input := &kms.UpdateKeyDescriptionInput{ 1405 Description: aws.String("Example description that indicates the intended use of this CMK."), 1406 KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), 1407 } 1408 1409 result, err := svc.UpdateKeyDescription(input) 1410 if err != nil { 1411 if aerr, ok := err.(awserr.Error); ok { 1412 switch aerr.Code() { 1413 case kms.ErrCodeNotFoundException: 1414 fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) 1415 case kms.ErrCodeInvalidArnException: 1416 fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) 1417 case kms.ErrCodeDependencyTimeoutException: 1418 fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) 1419 case kms.ErrCodeInternalException: 1420 fmt.Println(kms.ErrCodeInternalException, aerr.Error()) 1421 case kms.ErrCodeInvalidStateException: 1422 fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) 1423 default: 1424 fmt.Println(aerr.Error()) 1425 } 1426 } else { 1427 // Print the error, cast err to awserr.Error to get the Code and 1428 // Message from an error. 1429 fmt.Println(err.Error()) 1430 } 1431 return 1432 } 1433 1434 fmt.Println(result) 1435} 1436