Implemented basic support of KMS in the keymaker for AMK generation. Introduce the new flag kms_key_policy which describes possible policies for KMS keys. For now only create is supported.
Made a small refactoring of KMS package by creating a new extended common interface for all KMS operations (Keystore - not an ideal name, can think about a better name). Also, create a separate abstraction called KmsClient that should care about all internal stuff for corresponded KMS.
Implemented basic support of KMS in the
keymaker
for AMK generation. Introduce the new flagkms_key_policy
which describes possible policies for KMS keys. For now onlycreate
is supported.Made a small refactoring of KMS package by creating a new extended common interface for all KMS operations (
Keystore
- not an ideal name, can think about a better name). Also, create a separate abstraction calledKmsClient
that should care about all internal stuff for corresponded KMS.Checklist