Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Error decrypting Kinesis data key
See original GitHub issueI’d appreciate any help, working with:
aws-encryption-sdk-cli/2.1.0 aws-encryption-sdk/2.0.0
trying to decrypt a data key from a kinesis stream with my CMK gives:
NotSupportedError("Unsupported type 2 discovered in data stream", "2 is not a valid ObjectType")
Trying with:
echo 'AQID...2Q==' | base64 -d | aws-encryption-cli --decrypt --input - --wrapping-keys key=arn:aws:kms:XXXX:YYYY:key/ZZZZ --output decrypted_data_key --suppress-metadata
Issue Analytics
- State:
- Created 2 years ago
- Comments:8 (2 by maintainers)
Top Results From Across the Web
Resolve "Access Denied" error in Amazon Kinesis Data Streams
1. Open the AWS KMS console. · 2. Choose the KMS key that is currently used to encrypt your S3 bucket. · 3....
Read more >Decrypting file stored in AWS S3 by Kinesis firehose
I'm using Kinesis firehose to stream log data from Cloudwatch to AWS S3. The files are encrypted by kinesis data delivery stream with...
Read more >Ensure AWS Kinesis streams are encrypted using SSE
When sending data from a producer to a data stream Kinesis encrypts the data using an AWS KMS key before storing the data...
Read more >KMS — Boto3 Docs 1.26.36 documentation - Amazon AWS
To fix the failure, use the DisconnectCustomKeyStore operation to ... You can use a symmetric encryption KMS key to encrypt and decrypt data...
Read more >Amazon Kinesis - Domain Three: Specify Secure Applications ...
Otherwise encryption and decryption will not be possible, and you will receive an unauthorized KMS master key permission error.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
yes, I ended up using a python script, thanks
I followed the same but ended up invalidcipher exception while calling kms.decrypt… key is passed as decoded bytes as need… any special permission required?? Pls advise