Ape plugin to make transactions through AWS KMS
- python3 version 3.10 or greater, python3-dev
You can install the latest release via pip
:
pip install <PYPI_NAME>
You can clone the repository and use setuptools
for the most up-to-date version:
git clone https://github.com/ApeWorX/<PYPI_NAME>.git
cd <PYPI_NAME>
python3 setup.py install
pip install ape-aws
List commands:
ape aws -h
To create a new key:
ape aws kms create KeyAlias -d 'Description of new key'
To delete this key:
ape aws kms delete KeyAlias
To import an existing private key into KMS:
$ ape aws kms import KeyAlias
Enter your private key:
SUCCESS: Key imported successfully with ID: <key-id>
You can also import a private key from a file (from hex or bytes):
$ ape aws kms import KeyAlias --private-key <path-to-private-key>
INFO: Reading private key from <private-key-file>
SUCCESS: Key imported successfully with ID: <key-id>
You can import using a mnemonic phrase as well:
$ ape aws kms import KeyAlias --use-mnemonic
Enter your mnemonic phrase:
SUCCESS: Key imported successfully with ID: <key-id>
First, create a KMS key with the CLI tool
ape console
In [1]: kms_acct = accounts.load("KeyAlias")
In [2]: kms_acct.sign_message("12345")
Out[2]: <MessageSignature v=27, r=0x..., s=0x...>
This project is in development and should be considered a beta. Things might not be in their final state and breaking changes may occur. Comments, questions, criticisms and pull requests are welcomed.
To begin, create a virtual environment set up and activate the virtual environment before doing anything for the setup of AWS
- You must have an AWS account
- Must be an AWS Identity and Access Management (IAM) user with administrator access
- Must have configured AWS credentials
- Must have Docker, Python3 and pip installed on your workstation
Create a ~/.aws
folder in your home directory:
mkdir ~/.aws
Note: get your access key and key id from your IAM in you AWS account here.
Create a credentials
file in the ~/.aws
folder:
cat <<EOF > ~/.aws/credentials
[default]
aws_access_key_id = YOUR_ACCESS_KEY
aws_secret_access_key = YOUR_SECRET
EOF
Create a config
file in the ~/.aws
folder:
cat <<EOF > ~/.aws/config
[default]
region = YOUR_REGION
output = json
EOF
For manual setup, follow this article
This project is licensed under the Apache 2.0.