Setup a fake KMS server for testing purposes
const AWS = require('aws-sdk')
const FakeKMS = require('fake-kms').FakeKMS
async function test() {
const server = new FakeKMS({
port: 0,
encrypt: {
'SK_LIVE': 'a secret text'
}
})
await server.bootstrap()
const secrets = server.getCiphers()
const kms = new AWS.KMS({
endpoint: `http://${sever.hostPort}`,
sslEnabled: false
})
const data = await kms.decrypt({
CiphertextBlob: secrets['SK_LIVE']
})
// Should be `a secret text`
console.log('the text', data.Plaintext.toString())
await server.close()
}
process.on('unhandledRejection', (err) => { throw err })
test()Currently this fake-kms module only supports the kms.decrypt()
method. Aka it has enough of an implementation to support
calling decrypt on the aws-sdk.KMS.
The other functionality can be added in the future, as needed.
Creates a fake KMS server.
opts.port; defaults to 0opts.encrypt; An object of key / value pairs that you want pre-created in the KMS.
Starts the server.
After bootstrap returns you can read server.hostPort to get the
actual listening port of the server.
This returns an object of key / value pairs for all the secrets that have been encrypted in the KMS.
Each value is a valid CiphertextBlob as a base64 string that
can be passed to the kms library in kms.decrypt()
Shuts down the server.
% npm install fake-kms