com.amazonaws.services.kms.model.AliasListEntry Java Examples

private static void cleanUpKMSKeys(Regions testRegion, String testResourcePrefix, Date createdBeforeThreshold,
                                   AWSCredentialsProvider awsCredentials) {
    LOG.info("Cleaning KMS...");

    AWSKMS kmsClient = AWSKMSClientBuilder.standard()
            .withCredentials(awsCredentials)
            .withRegion(testRegion)
            .build();

    List<AliasListEntry> keys = kmsClient.listAliases().getAliases();
    for (AliasListEntry entry: keys) {
        if (!entry.getAliasName().startsWith("alias/" + testResourcePrefix)) {
            continue;
        }

        DescribeKeyRequest request = new DescribeKeyRequest().withKeyId(entry.getTargetKeyId());
        KeyMetadata metadata = kmsClient.describeKey(request).getKeyMetadata();

        if (KMSKeyState.fromString(metadata.getKeyState()) != KMSKeyState.PENDING_DELETION &&
                metadata.getCreationDate().before(createdBeforeThreshold)) {
            LOG.info("Scheduling KMS key for deletion:" + entry.getAliasName());
            scheduleKeyDeletion(kmsClient, entry);
        }
    }
}
 

public static void main(String[] args) {
    AWSKMS kmsClient = AWSKMSClientBuilder.standard().build();

    // List the aliases in this AWS account
    //
    Integer limit = 10;

    String nextMarker = null;
    do {
        ListAliasesRequest req = new ListAliasesRequest()
            .withMarker(nextMarker).withLimit(limit);
        ListAliasesResult result = kmsClient.listAliases(req);
        for (AliasListEntry alias : result.getAliases()) {
            System.out.printf("Found an alias named \"%s\".%n", alias.getAliasName());
        }
        nextMarker = result.getNextMarker();
    } while (nextMarker != null);

}
 

@Test
public void collectEncryptionKeysWhenWeGetBackInfoThenItShouldReturnListWithElements() {
    ListKeysResult listKeysResult = new ListKeysResult();

    Set<KeyListEntry> listEntries = new HashSet<>();
    listEntries.add(keyListEntry(1));
    listEntries.add(keyListEntry(2));
    listEntries.add(keyListEntry(3));
    listEntries.add(keyListEntry(4));

    listKeysResult.setKeys(listEntries);

    DescribeKeyResult describeKeyResult = new DescribeKeyResult();
    describeKeyResult.setKeyMetadata(new KeyMetadata());

    ListAliasesResult describeAliasResult = new ListAliasesResult();

    Set<AliasListEntry> aliasListEntries = new HashSet<>();
    aliasListEntries.add(aliasListEntry(1));
    aliasListEntries.add(aliasListEntry(2));
    aliasListEntries.add(aliasListEntry(3));
    aliasListEntries.add(aliasListEntry(4));

    describeAliasResult.setAliases(aliasListEntries);

    when(awsClient.createAWSKMS(any(AwsCredentialView.class), anyString())).thenReturn(awskmsClient);
    when(awskmsClient.listKeys(any(ListKeysRequest.class))).thenReturn(listKeysResult);
    when(awskmsClient.describeKey(any(DescribeKeyRequest.class))).thenReturn(describeKeyResult);
    when(awskmsClient.listAliases(any(ListAliasesRequest.class))).thenReturn(describeAliasResult);

    CloudEncryptionKeys cloudEncryptionKeys =
            underTest.encryptionKeys(new CloudCredential("crn", "aws-credential"), region("London"), new HashMap<>());

    Assert.assertEquals(4L, cloudEncryptionKeys.getCloudEncryptionKeys().size());
}
 

private static void scheduleKeyDeletion(AWSKMS client, AliasListEntry entry) {
    ScheduleKeyDeletionRequest deletionRequest = new ScheduleKeyDeletionRequest();
    deletionRequest.withKeyId(entry.getTargetKeyId()).withPendingWindowInDays(7);
    client.scheduleKeyDeletion(deletionRequest);
}
 

/**
 * Gets the alias.
 *
 * @return the alias
 */
public AliasListEntry getAlias() {
	return alias;
}
 

/**
 * Sets the alias.
 *
 * @param alias the new alias
 */
public void setAlias(AliasListEntry alias) {
	this.alias = alias;
}