Menu

Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.

Open source

generateDataKey

KMSClient.generateDataKey generates a symmetric data key for use outside of the AWS Key Management Service.

Parameters

NameTypeDescription
idstringThe identifier of the key. This can be either the key ID or the Amazon Resource Name (ARN) of the key.
sizenumberThe length of the data key. For example, use the value 64 to generate a 512-bit data key (64 bytes is 512 bits). For 256-bit (32-byte) data keys, use the value 32, instead.

Returns

TypeDescription
Promise<KMSDataKey>A Promise that fulfills with a KMSDataKey object.

Example

JavaScript
import exec from 'k6/execution';

import { AWSConfig, KMSClient } from 'https://jslib.k6.io/aws/0.11.0/kms.js';

const awsConfig = new AWSConfig({
  region: __ENV.AWS_REGION,
  accessKeyId: __ENV.AWS_ACCESS_KEY_ID,
  secretAccessKey: __ENV.AWS_SECRET_ACCESS_KEY,
});

const kms = new KMSClient(awsConfig);
const testKeyId = 'e67f95-4c047567-4-a0b7-62f7ce8ec8f48';

export default async function () {
  // List the KMS keys the AWS authentication configuration
  // gives us access to.
  const keys = await kms.listKeys();

  // If our test key does not exist, abort the execution.
  if (keys.filter((b) => b.keyId === testKeyId).length == 0) {
    exec.test.abort();
  }

  // Generate a data key from the KMS key.
  const key = await kms.generateDataKey(testKeyId, 32);
}

A k6 script that generating a data key from an AWS Key Management Service key