AWS KMS Keystore not available?
r3ap3r2004 opened this issue · comments
According to the docs AWS KMS is an option for a keystore. Following the documentation results in an error about aws not being supported. Is this intentional?
Relevent Docs:
https://rocketjob.github.io/symmetric-encryption/configuration.html
Environment
Provide at least:
- Ruby Version.
ruby 2.5.0p0
- Symmetric Encryption Version. =
4.0.1
- Application/framework names and versions (e.g. Rails, Sinatra, Puma, etc.).
rails 5.2.0
- Full Stack Trace, if an exception is being raised.
See Actual Behavior below
Expected Behavior
Running the following command would generate the necessary KMS keys.
symmetric-encryption --generate --environments "development,test,production" --keystore aws
Actual Behavior
I get the following error:
Invalid keystore option: aws, must be one of heroku, environment, file
This appears to be because the code is hard coded to not allow aws as an option. See the following link.
I'm not sure if this is intentional because AWS support isn't fully implemented, or if it was just an oversight.
Suggested Fix
Assuming this is just an oversight you would just need to add aws to the list.
KEYSTORES = %i[aws heroku environment file].freeze
The documentation in master was updated when v4.1.0.beta1 was published. v4.1 is now available which contains AWS KMS support.
This seems to still be an issue in v4.1.2
When trying to use the --keystore aws
argument it still claims that aws is not a valid key store
$ symmetric-encryption --generate --app-name something --environments development,test,production -s aws --regions eu-central-1
Invalid keystore option: aws, must be one of heroku, environment, file
When I run --help
I get aws listed as an option.
$ symmetric-encryption --help
...
-s heroku|environment|file|aws, Which keystore to use during generation or re-encryption.
--keystore
...