404

[ Avaa Bypassed ]




Upload:

Command:

botdev@3.14.146.45: ~ $
**Example 1: To encrypt the contents of a file on Linux or MacOS**

The following ``encrypt`` command demonstrates the recommended way to encrypt data with the AWS CLI. ::

    aws kms encrypt \
        --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \
        --plaintext fileb://ExamplePlaintextFile \
        --output text \
        --query CiphertextBlob | base64 \
        --decode > ExampleEncryptedFile

The command does several things:

#. Uses the ``--plaintext`` parameter to indicate the data to encrypt. This parameter value must be base64-encoded. 

    The value of the ``plaintext`` parameter must be base64-encoded, or you must use the ``fileb://`` prefix, which tells the AWS CLI to read binary data from the file.
    
    If the file is not in the current directory, type the full path to file. For example: ``fileb:///var/tmp/ExamplePlaintextFile`` or ``fileb://C:\Temp\ExamplePlaintextFile``. For more information about reading AWS CLI parameter values from a file, see `Loading Parameters from a File <https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-file>`__ in the *AWS Command Line Interface User Guide* and `Best Practices for Local File Parameters <https://blogs.aws.amazon.com/cli/post/TxLWWN1O25V1HE/Best-Practices-for-Local-File-Parameters>`__ on the AWS Command Line Tool Blog.

#. Uses the ``--output`` and ``--query`` parameters to control the command's output.

    These parameters extract the encrypted data, called the *ciphertext*, from the command's output.

    For more information about controlling output, see `Controlling Command Output <https://docs.aws.amazon.com/cli/latest/userguide/controlling-output.html>`__ in the *AWS Command Line Interface User Guide*.

#. Uses the ``base64`` utility to decode the extracted output into binary data.

    The ciphertext that is returned by a successful ``encrypt`` command is base64-encoded text. You must decode this text before you can use the AWS CLI to decrypt it.

#. Saves the binary ciphertext to a file.

    The final part of the command (``> ExampleEncryptedFile``) saves the binary ciphertext to a file to make decryption easier. For an example command that uses the AWS CLI to decrypt data, see the `decrypt examples <decrypt.html#examples>`_.

**Example 2: Using the AWS CLI to encrypt data on Windows**

This example is the same as the previous one, except that it uses the ``certutil`` tool instead of ``base64``. This procedure requires two commands, as shown in the following example. ::

    aws kms encrypt \
        --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \
        --plaintext fileb://ExamplePlaintextFile \
        --output text \
        --query CiphertextBlob > C:\Temp\ExampleEncryptedFile.base64

    certutil -decode C:\Temp\ExampleEncryptedFile.base64 C:\Temp\ExampleEncryptedFile

**Example 3: Encrypting with an asymmetric KMS key**

The following ``encrypt`` command shows how to encrypt plaintext with an asymmetric KMS key. The ``--encryption-algorithm`` parameter is required. As in all ``encrypt`` CLI commands, the ``plaintext`` parameter must be base64-encoded, or you must use the ``fileb://`` prefix, which tells the AWS CLI to read binary data from the file. ::

    aws kms encrypt \
        --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \
        --encryption-algorithm RSAES_OAEP_SHA_256 \
        --plaintext fileb://ExamplePlaintextFile \
        --output text \
        --query CiphertextBlob | base64 \
        --decode > ExampleEncryptedFile

This command produces no output.

Filemanager

Name Type Size Permission Actions
cancel-key-deletion.rst File 884 B 0644
connect-custom-key-store.rst File 1.08 KB 0755
create-alias.rst File 729 B 0644
create-custom-key-store.rst File 3.75 KB 0755
create-grant.rst File 1.18 KB 0755
create-key.rst File 12.17 KB 0644
decrypt.rst File 4.44 KB 0644
delete-alias.rst File 502 B 0644
delete-custom-key-store.rst File 1.47 KB 0755
delete-imported-key-material.rst File 656 B 0644
describe-custom-key-stores.rst File 5.32 KB 0755
describe-key.rst File 5.76 KB 0644
disable-key-rotation.rst File 679 B 0644
disable-key.rst File 503 B 0644
disconnect-custom-key-store.rst File 1.25 KB 0644
enable-key-rotation.rst File 708 B 0644
enable-key.rst File 1.02 KB 0644
encrypt.rst File 3.47 KB 0644
generate-data-key-pair-without-plaintext.rst File 1.66 KB 0644
generate-data-key-pair.rst File 1.73 KB 0644
generate-data-key-without-plaintext.rst File 1.35 KB 0644
generate-data-key.rst File 3.17 KB 0644
generate-random.rst File 3.16 KB 0644
get-key-policy.rst File 956 B 0644
get-key-rotation-status.rst File 656 B 0644
get-parameters-for-import.rst File 1.36 KB 0644
get-public-key.rst File 2.31 KB 0644
import-key-material.rst File 1.51 KB 0644
list-aliases.rst File 2.72 KB 0755
list-grants.rst File 2.55 KB 0755
list-key-policies.rst File 926 B 0644
list-keys.rst File 1.04 KB 0644
list-resource-tags.rst File 980 B 0644
list-retirable-grants.rst File 2.92 KB 0644
put-key-policy.rst File 3.44 KB 0755
re-encrypt.rst File 3.82 KB 0644
retire-grant.rst File 810 B 0644
revoke-grant.rst File 776 B 0644
schedule-key-deletion.rst File 1.44 KB 0644
sign.rst File 3.08 KB 0644
tag-resource.rst File 891 B 0644
untag-resource.rst File 836 B 0644
update-alias.rst File 814 B 0644
update-custom-key-store.rst File 6.61 KB 0755
update-key-description.rst File 1.85 KB 0644
verify.rst File 1.38 KB 0644