Implemented basic support of KMS in the keymaker for AMK generation. Introduce the new flag kms_key_policy which describes possible policies for KMS keys. For now only create is supported.
Made a small refactoring of KMS package by creating a new extended common interface for all KMS operations (Keystore - not an ideal name, can think about a better name). Also, create a separate abstraction called KmsClient that should care about all internal stuff for corresponded KMS.
Implemented basic support of KMS in the
keymakerfor AMK generation. Introduce the new flagkms_key_policywhich describes possible policies for KMS keys. For now onlycreateis supported.Made a small refactoring of KMS package by creating a new extended common interface for all KMS operations (
Keystore- not an ideal name, can think about a better name). Also, create a separate abstraction calledKmsClientthat should care about all internal stuff for corresponded KMS.Checklist