![]() ![]() If the example does not find an existing CMK, it creates a new one and returns its ID and ARN.ĭef create_cmk ( desc = 'Customer Master Key' ): """Create a KMS Customer Master Key The created CMK is a Customer-managed key stored in AWS KMS. ![]() error ( e ) return None, None # All existing CMKs were checked and the desired key was not found return None, None Create a customer master key # list_keys ( Marker = response ) except ClientError as e : logging. debug ( 'A CMK with the specified description was not found' ) done = True else : # Yes, retrieve another batch try : response = kms_client. error ( e ) return None, None # Is this the key we're looking for? if key_info = desc : return cmk, cmk # Are there more keys to retrieve? if not response : # No, the CMK was not found logging. describe_key ( KeyId = cmk ) except ClientError as e : logging. error ( e ) return None, None done = False while not done : for cmk in response : # Get info about the key, including its description try : key_info = kms_client. list_keys () except ClientError as e : logging. ![]() client ( 'kms' ) try : response = kms_client. Def retrieve_cmk ( desc ): """Retrieve an existing KMS CMK based on its description :param desc: Description of CMK specified when the CMK was created :return Tuple(KeyId, KeyArn) where: KeyId: CMK ID KeyArn: Amazon Resource Name of CMK :return Tuple(None, None) if a CMK with the specified description was not found """ # Retrieve a list of existing CMKs # If more than 100 keys exist, retrieve and process them in batches kms_client = boto3. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |