com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider Java Examples

The following examples show how to use com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ClientSideKMSEncryptionStrategy.java    From nifi with Apache License 2.0 6 votes vote down vote up 
/**
 * Create an encryption client.
 *
 * @param credentialsProvider AWS credentials provider.
 * @param clientConfiguration Client configuration
 * @param kmsRegion AWS KMS region
 * @param keyIdOrMaterial KMS key id
 * @return AWS S3 client
 */
@Override
public AmazonS3Client createEncryptionClient(AWSCredentialsProvider credentialsProvider, ClientConfiguration clientConfiguration, String kmsRegion, String keyIdOrMaterial) {
    KMSEncryptionMaterialsProvider materialProvider = new KMSEncryptionMaterialsProvider(keyIdOrMaterial);
    boolean haveKmsRegion = StringUtils.isNotBlank(kmsRegion);

    CryptoConfiguration cryptoConfig = new CryptoConfiguration();
    if (haveKmsRegion) {
        Region awsRegion = Region.getRegion(Regions.fromName(kmsRegion));
        cryptoConfig.setAwsKmsRegion(awsRegion);
    }

    AmazonS3EncryptionClient client = new AmazonS3EncryptionClient(credentialsProvider, materialProvider, cryptoConfig);

    return client;
}
Example #2
Source File: PrestoS3FileSystem.java    From presto with Apache License 2.0 5 votes vote down vote up 
private static Optional<EncryptionMaterialsProvider> createEncryptionMaterialsProvider(Configuration hadoopConfig)
{
    String kmsKeyId = hadoopConfig.get(S3_KMS_KEY_ID);
    if (kmsKeyId != null) {
        return Optional.of(new KMSEncryptionMaterialsProvider(kmsKeyId));
    }

    String empClassName = hadoopConfig.get(S3_ENCRYPTION_MATERIALS_PROVIDER);
    if (empClassName == null) {
        return Optional.empty();
    }

    try {
        Object instance = Class.forName(empClassName).getConstructor().newInstance();
        if (!(instance instanceof EncryptionMaterialsProvider)) {
            throw new RuntimeException("Invalid encryption materials provider class: " + instance.getClass().getName());
        }
        EncryptionMaterialsProvider emp = (EncryptionMaterialsProvider) instance;
        if (emp instanceof Configurable) {
            ((Configurable) emp).setConf(hadoopConfig);
        }
        return Optional.of(emp);
    }
    catch (ReflectiveOperationException e) {
        throw new RuntimeException("Unable to load or create S3 encryption materials provider: " + empClassName, e);
    }
}