我正在尝试使用kms.generateRandom在Lambda中生成随机密钥。我尝试了文档中提到的示例,但没有返回任何内容。没有错误没有数据。有人用过吗?我是否必须授予访问我的lambda的权限?下面是我正在尝试的代码
/* The following example uses AWS KMS to generate 32 bytes of random data. */
var params = {
NumberOfBytes: 32// The length of the random data, specified in number of bytes.
};
kms.generateRandom(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
/*
data = {
Plaintext: <Binary String>// The random data.
}
*/
});
改进了以下代码,这帮助我发现了访问权限的问题。
let result = await new Promise((resolve, reject) => {
kms.generateRandom(params, function(err, data) {
if (err)
{
console.log('Error occurred: ' + err, err.stack);
reject();
} // an error occurred
else
{
console.log('Data: ' + data);
resolve(data);
} // successful response
});
});
我已经更新了IAM策略,使其具有以下类似内容:
"Action": [
"kms:*"
],
"Resource": "*"
它会向我返回如下数据:数据:{“ Plaintext”:{“ type”:“ Buffer”,“ data”:[238,80,205,34,52,91,37,158,167,126,109,222,246,0,59,132,116,169,49,35,244,19,146,86,104,72,190,227,89,196,156,201,}] }
将缓冲区转换为字符串的代码如下:
让test = new Buffer.from(data.Plaintext);console.log('buff:'+ test.toString('base64'));