module Voynich
Constants
- DEFAULT_CONFIG
- VERSION
Public Class Methods
configure(config = {})
click to toggle source
# File lib/voynich.rb, line 23 def self.configure(config = {}) config = DEFAULT_CONFIG.merge(config) self.kms_cmk_id = config[:kms_cmk_id] self.auto_data_key_count = config[:auto_data_key_max_count] self.aws_access_key_id = config[:aws_access_key_id] self.aws_secret_access_key = config[:aws_secret_access_key] self.aws_region = config[:aws_region] end
kms_client()
click to toggle source
# File lib/voynich.rb, line 32 def self.kms_client if self.aws_access_key_id.present? credentials = Aws::Credentials.new(self.aws_access_key_id, self.aws_secret_access_key) Aws::KMS::Client.new(region: self.aws_region, credentials: credentials) else Aws::KMS::Client.new(region: self.aws_region) end end
Public Instance Methods
reencrypt_all_data_keys()
click to toggle source
Re-encrypts all existing data keys this should be executed when KMS CMK is rotated to have the data keys encrypted by the latest CMK
# File lib/voynich.rb, line 44 def reencrypt_all_data_keys ActiveRecord::DataKey.find_each do |data_key| data_key.reencrypt! sleep 0.1 # KMS limits API access up to 100 calls/sec end end