smd877 · July 5, 2021 06:01
diff --git a/KmsTest3.py b/KmsTest3.py
 import boto3
 from base64 import b64encode, b64decode

 AWS_KEY = 'ここにアクセスキーID'
 AWS_SECRET = 'ここにシークレットアクセスキー'
 AWS_LAMBDA_FUNCTION_NAME = 'ここにlambda関数名'
 KMS_KEY_ID = 'arn:aws:kms:ap-northeast-1:XXXXXXXXXXXX:key/XXXX'

 INPUT_VAL = 'hoge'

 kms = boto3.client(
    'kms',
    region_name = 'ap-northeast-1',
    aws_access_key_id = AWS_KEY,
    aws_secret_access_key = AWS_SECRET,
 )

 ENCRYPTED = kms.encrypt(
    KeyId = KMS_KEY_ID,
    Plaintext = INPUT_VAL,
    EncryptionContext = {'LambdaFunctionName' : AWS_LAMBDA_FUNCTION_NAME}
 )['CiphertextBlob']
 ENCRYPTED = b64encode(ENCRYPTED).decode('utf-8')
 print('ENCRYPTED : {}'.format(ENCRYPTED))

 DECRYPTED = kms.decrypt(
    CiphertextBlob=b64decode(ENCRYPTED),
    EncryptionContext={'LambdaFunctionName': AWS_LAMBDA_FUNCTION_NAME}
 )['Plaintext'].decode('utf-8')
 print('DECRYPTED : {}'.format(DECRYPTED))
	import boto3
	from base64 import b64encode, b64decode

	AWS_KEY = 'ここにアクセスキーID'
	AWS_SECRET = 'ここにシークレットアクセスキー'
	AWS_LAMBDA_FUNCTION_NAME = 'ここにlambda関数名'
	KMS_KEY_ID = 'arn:aws:kms:ap-northeast-1:XXXXXXXXXXXX:key/XXXX'

	INPUT_VAL = 'hoge'

	kms = boto3.client(
	'kms',
	region_name = 'ap-northeast-1',
	aws_access_key_id = AWS_KEY,
	aws_secret_access_key = AWS_SECRET,
	)

	ENCRYPTED = kms.encrypt(
	KeyId = KMS_KEY_ID,
	Plaintext = INPUT_VAL,
	EncryptionContext = {'LambdaFunctionName' : AWS_LAMBDA_FUNCTION_NAME}
	)['CiphertextBlob']
	ENCRYPTED = b64encode(ENCRYPTED).decode('utf-8')
	print('ENCRYPTED : {}'.format(ENCRYPTED))

	DECRYPTED = kms.decrypt(
	CiphertextBlob=b64decode(ENCRYPTED),
	EncryptionContext={'LambdaFunctionName': AWS_LAMBDA_FUNCTION_NAME}
	)['Plaintext'].decode('utf-8')
	print('DECRYPTED : {}'.format(DECRYPTED))