encryption

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 16, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func EncryptUpdateExpressionValues 

func EncryptUpdateExpressionValues(
	ctx context.Context,
	svc *Service,
	metadata *model.Metadata,
	updateExpression string,
	exprAttrNames map[string]string,
	exprAttrValues map[string]types.AttributeValue,
) error

EncryptUpdateExpressionValues mutates exprAttrValues in-place by encrypting values assigned to encrypted fields. It currently supports direct SET assignments and if_not_exists() defaults for encrypted fields.

func FailClosedIfEncryptedWithoutKMSKeyARN 

func FailClosedIfEncryptedWithoutKMSKeyARN(sess *session.Session, metadata *model.Metadata) error

func MetadataHasEncryptedFields 

func MetadataHasEncryptedFields(metadata *model.Metadata) bool

Types

type Service 

type Service struct {
	// contains filtered or unexported fields
}

Service implements envelope encryption for DynamoDB attribute values using AWS KMS.

func NewService 

func NewService(keyARN string, kmsClient kmsAPI) *Service

func NewServiceFromAWSConfig 

func NewServiceFromAWSConfig(keyARN string, cfg aws.Config) *Service

func (*Service) DecryptAttributeValue 

func (s *Service) DecryptAttributeValue(ctx context.Context, attributeName string, envelope types.AttributeValue) (types.AttributeValue, error)

func (*Service) EncryptAttributeValue 

func (s *Service) EncryptAttributeValue(ctx context.Context, attributeName string, av types.AttributeValue) (types.AttributeValue, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.