// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. package kms_test import ( "fmt" "strings" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/kms" ) var _ time.Duration var _ strings.Reader var _ aws.Config func parseTime(layout, value string) *time.Time { t, err := time.Parse(layout, value) if err != nil { panic(err) } return &t } // To cancel deletion of a customer master key (CMK) // // The following example cancels deletion of the specified CMK. func ExampleKMS_CancelKeyDeletion_shared00() { svc := kms.New(session.New()) input := &kms.CancelKeyDeletionInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.CancelKeyDeletion(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To create an alias // // The following example creates an alias for the specified customer master key (CMK). func ExampleKMS_CreateAlias_shared00() { svc := kms.New(session.New()) input := &kms.CreateAliasInput{ AliasName: aws.String("alias/ExampleAlias"), TargetKeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.CreateAlias(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeAlreadyExistsException: fmt.Println(kms.ErrCodeAlreadyExistsException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidAliasNameException: fmt.Println(kms.ErrCodeInvalidAliasNameException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeLimitExceededException: fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To create a grant // // The following example creates a grant that allows the specified IAM role to encrypt // data with the specified customer master key (CMK). func ExampleKMS_CreateGrant_shared00() { svc := kms.New(session.New()) input := &kms.CreateGrantInput{ GranteePrincipal: aws.String("arn:aws:iam::111122223333:role/ExampleRole"), KeyId: aws.String("arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab"), Operations: []*string{ aws.String("Encrypt"), aws.String("Decrypt"), }, } result, err := svc.CreateGrant(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidGrantTokenException: fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) case kms.ErrCodeLimitExceededException: fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To create a customer master key (CMK) // // The following example creates a CMK. func ExampleKMS_CreateKey_shared00() { svc := kms.New(session.New()) input := &kms.CreateKeyInput{ Tags: []*kms.Tag{ { TagKey: aws.String("CreatedBy"), TagValue: aws.String("ExampleUser"), }, }, } result, err := svc.CreateKey(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeMalformedPolicyDocumentException: fmt.Println(kms.ErrCodeMalformedPolicyDocumentException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeLimitExceededException: fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) case kms.ErrCodeTagException: fmt.Println(kms.ErrCodeTagException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To decrypt data // // The following example decrypts data that was encrypted with a customer master key // (CMK) in AWS KMS. func ExampleKMS_Decrypt_shared00() { svc := kms.New(session.New()) input := &kms.DecryptInput{ CiphertextBlob: []byte(""), } result, err := svc.Decrypt(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeInvalidCiphertextException: fmt.Println(kms.ErrCodeInvalidCiphertextException, aerr.Error()) case kms.ErrCodeKeyUnavailableException: fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidGrantTokenException: fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To delete an alias // // The following example deletes the specified alias. func ExampleKMS_DeleteAlias_shared00() { svc := kms.New(session.New()) input := &kms.DeleteAliasInput{ AliasName: aws.String("alias/ExampleAlias"), } result, err := svc.DeleteAlias(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To delete imported key material // // The following example deletes the imported key material from the specified customer // master key (CMK). func ExampleKMS_DeleteImportedKeyMaterial_shared00() { svc := kms.New(session.New()) input := &kms.DeleteImportedKeyMaterialInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.DeleteImportedKeyMaterial(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To obtain information about a customer master key (CMK) // // The following example returns information (metadata) about the specified CMK. func ExampleKMS_DescribeKey_shared00() { svc := kms.New(session.New()) input := &kms.DescribeKeyInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.DescribeKey(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To disable a customer master key (CMK) // // The following example disables the specified CMK. func ExampleKMS_DisableKey_shared00() { svc := kms.New(session.New()) input := &kms.DisableKeyInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.DisableKey(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To disable automatic rotation of key material // // The following example disables automatic annual rotation of the key material for // the specified CMK. func ExampleKMS_DisableKeyRotation_shared00() { svc := kms.New(session.New()) input := &kms.DisableKeyRotationInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.DisableKeyRotation(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To enable a customer master key (CMK) // // The following example enables the specified CMK. func ExampleKMS_EnableKey_shared00() { svc := kms.New(session.New()) input := &kms.EnableKeyInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.EnableKey(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeLimitExceededException: fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To enable automatic rotation of key material // // The following example enables automatic annual rotation of the key material for the // specified CMK. func ExampleKMS_EnableKeyRotation_shared00() { svc := kms.New(session.New()) input := &kms.EnableKeyRotationInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.EnableKeyRotation(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To encrypt data // // The following example encrypts data with the specified customer master key (CMK). func ExampleKMS_Encrypt_shared00() { svc := kms.New(session.New()) input := &kms.EncryptInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), Plaintext: []byte(""), } result, err := svc.Encrypt(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeKeyUnavailableException: fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidKeyUsageException: fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) case kms.ErrCodeInvalidGrantTokenException: fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To generate a data key // // The following example generates a 256-bit symmetric data encryption key (data key) // in two formats. One is the unencrypted (plainext) data key, and the other is the // data key encrypted with the specified customer master key (CMK). func ExampleKMS_GenerateDataKey_shared00() { svc := kms.New(session.New()) input := &kms.GenerateDataKeyInput{ KeyId: aws.String("alias/ExampleAlias"), KeySpec: aws.String("AES_256"), } result, err := svc.GenerateDataKey(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeKeyUnavailableException: fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidKeyUsageException: fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) case kms.ErrCodeInvalidGrantTokenException: fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To generate an encrypted data key // // The following example generates an encrypted copy of a 256-bit symmetric data encryption // key (data key). The data key is encrypted with the specified customer master key // (CMK). func ExampleKMS_GenerateDataKeyWithoutPlaintext_shared00() { svc := kms.New(session.New()) input := &kms.GenerateDataKeyWithoutPlaintextInput{ KeyId: aws.String("alias/ExampleAlias"), KeySpec: aws.String("AES_256"), } result, err := svc.GenerateDataKeyWithoutPlaintext(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeKeyUnavailableException: fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidKeyUsageException: fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) case kms.ErrCodeInvalidGrantTokenException: fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To generate random data // // The following example uses AWS KMS to generate 32 bytes of random data. func ExampleKMS_GenerateRandom_shared00() { svc := kms.New(session.New()) input := &kms.GenerateRandomInput{ NumberOfBytes: aws.Int64(32), } result, err := svc.GenerateRandom(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To retrieve a key policy // // The following example retrieves the key policy for the specified customer master // key (CMK). func ExampleKMS_GetKeyPolicy_shared00() { svc := kms.New(session.New()) input := &kms.GetKeyPolicyInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), PolicyName: aws.String("default"), } result, err := svc.GetKeyPolicy(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To retrieve the rotation status for a customer master key (CMK) // // The following example retrieves the status of automatic annual rotation of the key // material for the specified CMK. func ExampleKMS_GetKeyRotationStatus_shared00() { svc := kms.New(session.New()) input := &kms.GetKeyRotationStatusInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.GetKeyRotationStatus(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To retrieve the public key and import token for a customer master key (CMK) // // The following example retrieves the public key and import token for the specified // CMK. func ExampleKMS_GetParametersForImport_shared00() { svc := kms.New(session.New()) input := &kms.GetParametersForImportInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), WrappingAlgorithm: aws.String("RSAES_OAEP_SHA_1"), WrappingKeySpec: aws.String("RSA_2048"), } result, err := svc.GetParametersForImport(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To import key material into a customer master key (CMK) // // The following example imports key material into the specified CMK. func ExampleKMS_ImportKeyMaterial_shared00() { svc := kms.New(session.New()) input := &kms.ImportKeyMaterialInput{ EncryptedKeyMaterial: []byte(""), ExpirationModel: aws.String("KEY_MATERIAL_DOES_NOT_EXPIRE"), ImportToken: []byte(""), KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.ImportKeyMaterial(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) case kms.ErrCodeInvalidCiphertextException: fmt.Println(kms.ErrCodeInvalidCiphertextException, aerr.Error()) case kms.ErrCodeIncorrectKeyMaterialException: fmt.Println(kms.ErrCodeIncorrectKeyMaterialException, aerr.Error()) case kms.ErrCodeExpiredImportTokenException: fmt.Println(kms.ErrCodeExpiredImportTokenException, aerr.Error()) case kms.ErrCodeInvalidImportTokenException: fmt.Println(kms.ErrCodeInvalidImportTokenException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To list aliases // // The following example lists aliases. func ExampleKMS_ListAliases_shared00() { svc := kms.New(session.New()) input := &kms.ListAliasesInput{} result, err := svc.ListAliases(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidMarkerException: fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To list grants for a customer master key (CMK) // // The following example lists grants for the specified CMK. func ExampleKMS_ListGrants_shared00() { svc := kms.New(session.New()) input := &kms.ListGrantsInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.ListGrants(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidMarkerException: fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To list key policies for a customer master key (CMK) // // The following example lists key policies for the specified CMK. func ExampleKMS_ListKeyPolicies_shared00() { svc := kms.New(session.New()) input := &kms.ListKeyPoliciesInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.ListKeyPolicies(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To list customer master keys (CMKs) // // The following example lists CMKs. func ExampleKMS_ListKeys_shared00() { svc := kms.New(session.New()) input := &kms.ListKeysInput{} result, err := svc.ListKeys(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidMarkerException: fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To list tags for a customer master key (CMK) // // The following example lists tags for a CMK. func ExampleKMS_ListResourceTags_shared00() { svc := kms.New(session.New()) input := &kms.ListResourceTagsInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.ListResourceTags(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeInvalidMarkerException: fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To list grants that the specified principal can retire // // The following example lists the grants that the specified principal (identity) can // retire. func ExampleKMS_ListRetirableGrants_shared00() { svc := kms.New(session.New()) input := &kms.ListRetirableGrantsInput{ RetiringPrincipal: aws.String("arn:aws:iam::111122223333:role/ExampleRole"), } result, err := svc.ListRetirableGrants(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidMarkerException: fmt.Println(kms.ErrCodeInvalidMarkerException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To attach a key policy to a customer master key (CMK) // // The following example attaches a key policy to the specified CMK. func ExampleKMS_PutKeyPolicy_shared00() { svc := kms.New(session.New()) input := &kms.PutKeyPolicyInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), Policy: aws.String("{\n \"Version\": \"2012-10-17\",\n \"Id\": \"custom-policy-2016-12-07\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:root\"\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow access for Key Administrators\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": [\n \"arn:aws:iam::111122223333:user/ExampleAdminUser\",\n \"arn:aws:iam::111122223333:role/ExampleAdminRole\"\n ]\n },\n \"Action\": [\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n },\n \"Action\": [\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey*\",\n \"kms:DescribeKey\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow attachment of persistent resources\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n },\n \"Action\": [\n \"kms:CreateGrant\",\n \"kms:ListGrants\",\n \"kms:RevokeGrant\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\"\n }\n }\n }\n ]\n}\n"), PolicyName: aws.String("default"), } result, err := svc.PutKeyPolicy(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeMalformedPolicyDocumentException: fmt.Println(kms.ErrCodeMalformedPolicyDocumentException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeUnsupportedOperationException: fmt.Println(kms.ErrCodeUnsupportedOperationException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeLimitExceededException: fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To reencrypt data // // The following example reencrypts data with the specified CMK. func ExampleKMS_ReEncrypt_shared00() { svc := kms.New(session.New()) input := &kms.ReEncryptInput{ CiphertextBlob: []byte(""), DestinationKeyId: aws.String("0987dcba-09fe-87dc-65ba-ab0987654321"), } result, err := svc.ReEncrypt(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDisabledException: fmt.Println(kms.ErrCodeDisabledException, aerr.Error()) case kms.ErrCodeInvalidCiphertextException: fmt.Println(kms.ErrCodeInvalidCiphertextException, aerr.Error()) case kms.ErrCodeKeyUnavailableException: fmt.Println(kms.ErrCodeKeyUnavailableException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidKeyUsageException: fmt.Println(kms.ErrCodeInvalidKeyUsageException, aerr.Error()) case kms.ErrCodeInvalidGrantTokenException: fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To retire a grant // // The following example retires a grant. func ExampleKMS_RetireGrant_shared00() { svc := kms.New(session.New()) input := &kms.RetireGrantInput{ GrantId: aws.String("0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60"), KeyId: aws.String("arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.RetireGrant(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeInvalidGrantTokenException: fmt.Println(kms.ErrCodeInvalidGrantTokenException, aerr.Error()) case kms.ErrCodeInvalidGrantIdException: fmt.Println(kms.ErrCodeInvalidGrantIdException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To revoke a grant // // The following example revokes a grant. func ExampleKMS_RevokeGrant_shared00() { svc := kms.New(session.New()) input := &kms.RevokeGrantInput{ GrantId: aws.String("0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60"), KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.RevokeGrant(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeInvalidGrantIdException: fmt.Println(kms.ErrCodeInvalidGrantIdException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To schedule a customer master key (CMK) for deletion // // The following example schedules the specified CMK for deletion. func ExampleKMS_ScheduleKeyDeletion_shared00() { svc := kms.New(session.New()) input := &kms.ScheduleKeyDeletionInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), PendingWindowInDays: aws.Int64(7), } result, err := svc.ScheduleKeyDeletion(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To tag a customer master key (CMK) // // The following example tags a CMK. func ExampleKMS_TagResource_shared00() { svc := kms.New(session.New()) input := &kms.TagResourceInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), Tags: []*kms.Tag{ { TagKey: aws.String("Purpose"), TagValue: aws.String("Test"), }, }, } result, err := svc.TagResource(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) case kms.ErrCodeLimitExceededException: fmt.Println(kms.ErrCodeLimitExceededException, aerr.Error()) case kms.ErrCodeTagException: fmt.Println(kms.ErrCodeTagException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To remove tags from a customer master key (CMK) // // The following example removes tags from a CMK. func ExampleKMS_UntagResource_shared00() { svc := kms.New(session.New()) input := &kms.UntagResourceInput{ KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), TagKeys: []*string{ aws.String("Purpose"), aws.String("CostCenter"), }, } result, err := svc.UntagResource(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) case kms.ErrCodeTagException: fmt.Println(kms.ErrCodeTagException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To update an alias // // The following example updates the specified alias to refer to the specified customer // master key (CMK). func ExampleKMS_UpdateAlias_shared00() { svc := kms.New(session.New()) input := &kms.UpdateAliasInput{ AliasName: aws.String("alias/ExampleAlias"), TargetKeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.UpdateAlias(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To update the description of a customer master key (CMK) // // The following example updates the description of the specified CMK. func ExampleKMS_UpdateKeyDescription_shared00() { svc := kms.New(session.New()) input := &kms.UpdateKeyDescriptionInput{ Description: aws.String("Example description that indicates the intended use of this CMK."), KeyId: aws.String("1234abcd-12ab-34cd-56ef-1234567890ab"), } result, err := svc.UpdateKeyDescription(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case kms.ErrCodeNotFoundException: fmt.Println(kms.ErrCodeNotFoundException, aerr.Error()) case kms.ErrCodeInvalidArnException: fmt.Println(kms.ErrCodeInvalidArnException, aerr.Error()) case kms.ErrCodeDependencyTimeoutException: fmt.Println(kms.ErrCodeDependencyTimeoutException, aerr.Error()) case kms.ErrCodeInternalException: fmt.Println(kms.ErrCodeInternalException, aerr.Error()) case kms.ErrCodeInvalidStateException: fmt.Println(kms.ErrCodeInvalidStateException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) }