Encrypting data using the AWS Encryption SDK
Written by
Updated at January 26, 2024
AWS Encryption SDK
The Yandex Cloud provider for the AWS Encryption SDK
Adding dependencies
Before you start, you need to add dependencies.
Java
Add dependencies using Apache Maven
<dependency>
<groupId>com.yandex.cloud</groupId>
<artifactId>kms-provider-awscrypto</artifactId>
<version>2.1</version>
</dependency>
Encryption and decryption
Create a Yandex Cloud provider for the AWS Encryption SDK and use the methods of the AwsCrypto
Java
YcKmsMasterKeyProvider provider = new YcKmsMasterKeyProvider()
.withEndpoint(endpoint)
.withCredentials(credentialProvider)
.withKeyId(keyId);
AwsCrypto awsCrypto = AwsCrypto.standard();
...
byte[] ciphertext = awsCrypto.encryptData(provider, plaintext, aad).getResult();
...
byte[] plaintext = awsCrypto.decryptData(provider, ciphertext).getResult();
Where:
endpoint
:api.cloud.yandex.net:443
.credentials
: Determines the authentication method (for more information, see Authentication in the Yandex Cloud SDK).keyId
: ID of the key in KMS.plaintext
: Unencrypted text.ciphertext
: Encrypted text.aad
: AAD context.