Quick script to decrypt data that was encrypted with your KMS key:
The Script:
The script requires the encrypted scring as an argument:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| #!/usr/bin/env python
import boto3
import sys
from base64 import b64decode
try:
encrypted_value = sys.argv[1]
except IndexError:
print("Usage: {} {}".format(sys.argv[0], 'the-encrypted-string'))
exit(1)
session = boto3.Session(
region_name='eu-west-1',
profile_name='default'
)
kms = session.client('kms')
response = kms.decrypt(CiphertextBlob=b64decode(encrypted_value))['Plaintext']
print("Decrypted Value: {}".format(response))
|
Change the permissions so that the file is executable:
Usage:
1
2
| $ ./decrypt.py asdlaskjdasidausd09q3uoijad09ujd38u309
Decrypted Value: thisIsMyDecryptedValue
|