back
loading skill details...
Provides AWS Key Management Service (KMS) patterns using AWS SDK for Java 2.x. Use when creating/managing encryption keys, encrypting/decrypting data,…
AWS KMS key management, encryption, and digital signing for Java applications with envelope encryption and Spring Boot integration. Covers key creation, encryption/decryption, envelope encryption for large data, digital signatures, and key rotation using AWS SDK for Java 2.x Includes synchronous and asynchronous client setup, Spring Boot service configuration, and IAM permission patterns Provides envelope encryption patterns to reduce KMS API calls and support data larger than 4KB limit Demonstrates Spring Boot integration with configuration beans and injectable encryption services AWS SDK for Java 2.x - AWS KMS (Key Management Service) Overview Provides AWS KMS patterns using AWS SDK for Java 2.x. Covers key management, encryption/decryption, envelope encryption, digital signatures, and Spring Boot integration. Instructions Set Up IAM Permissions - Grant kms:* actions with least privilege Create KMS Client - Instantiate KmsClient with region and credentials Create Keys - Use createKey() → Verify key state is ENABLED before proceeding Set Key Policies - Define key usage permissions → Test access before production Encrypt Data - Use encrypt() for data <4KB; Verify ciphertext is not empty Envelope Encryption - For larger data, use generateDataKey() → Verify data key generation succeeded Digital Signatures - Create signing keys → Verify signatureValid=true after sign/verify Key Rotation - Enable auto-rotation → Confirm rotation schedule is active When to Use
don't have the plugin yet? install it then click "run inline in claude" again.