aws_encryption_sdk.materials_managers.caching¶
Caching crypto material manager.
Classes
CachingCryptoMaterialsManager (cache, max_age) |
Crypto material manager which caches results from an underlying material manager. |
-
class
aws_encryption_sdk.materials_managers.caching.
CachingCryptoMaterialsManager
(cache, max_age, max_messages_encrypted=4294967296, max_bytes_encrypted=9223372036854775807, partition_name=None, master_key_provider=None, backing_materials_manager=None, keyring=None)¶ Bases:
aws_encryption_sdk.materials_managers.base.CryptoMaterialsManager
Crypto material manager which caches results from an underlying material manager.
New in version 1.3.0.
New in version 1.5.0: The keyring parameter.
>>> import aws_encryption_sdk >>> kms_key_provider = aws_encryption_sdk.KMSMasterKeyProvider(key_ids=[ ... 'arn:aws:kms:us-east-1:2222222222222:key/22222222-2222-2222-2222-222222222222', ... 'arn:aws:kms:us-east-1:3333333333333:key/33333333-3333-3333-3333-333333333333' ... ]) >>> local_cache = aws_encryption_sdk.LocalCryptoMaterialsCache(capacity=100) >>> caching_materials_manager = aws_encryption_sdk.CachingCryptoMaterialsManager( ... master_key_provider=kms_key_provider, ... cache=local_cache, ... max_age=600.0, ... max_messages_encrypted=10 ... )
Note
The partition name is used to enable a single cache instance to be used by multiple material manager instances by partitioning the entries in that cache based on this value. If no partition name is provided, a random UUID will be used.
Note
Exactly one of
backing_materials_manager
,keyring
, ormaster_key_provider
must be provided.Parameters: - cache (CryptoMaterialsCache) – Crypto cache to use with material manager
- backing_materials_manager (CryptoMaterialsManager) – Crypto material manager to back this caching material manager
(either
backing_materials_manager
,keyring
, ormaster_key_provider
required) - master_key_provider (MasterKeyProvider) – Master key provider to use
(either
backing_materials_manager
,keyring
, ormaster_key_provider
required) - keyring (Keyring) – Keyring to use
(either
backing_materials_manager
,keyring
, ormaster_key_provider
required) - max_age (float) – Maximum time in seconds that a cache entry may be kept in the cache
- max_messages_encrypted (int) – Maximum number of messages that may be encrypted under a cache entry (optional)
- max_bytes_encrypted (int) – Maximum number of bytes that a cache entry may be used to process (optional)
- partition_name (bytes) – Partition name to use for this instance (optional)
-
decrypt_materials
(request)¶ Provides decryption materials appropriate for the request.
Parameters: request (aws_encryption_sdk.materials_managers.DecryptionMaterialsRequest) – decrypt materials request Returns: decryption materials Return type: aws_encryption_sdk.materials_managers.DecryptionMaterials
-
get_encryption_materials
(request)¶ Provides encryption materials appropriate for the request.
Parameters: request (aws_encryption_sdk.materials_managers.EncryptionMaterialsRequest) – Encryption materials request Returns: encryption materials Return type: aws_encryption_sdk.materials_managers.EncryptionMaterials