ב הוא חיבור של הרב יהושע בועז שתוכנו מראי מקומות למקורותشسdggרות הל555ה התafhgfh
במסgרות ה gh//شی הוא חיבור של הרב יהושע בועז שתוכנו מראי מקומות למקורותהתנדaghhhhו12ין יעל, המעציfghfghfע
/
usr
/
local
/
aws-cli
/
v2
/
current
/
dist
/
awscli
/
examples
/
kms
/
Upload FileeE
HOME
**Example 1: To generate an HMAC for a message** The following ``generate-mac`` command generates an HMAC for a message, an HMAC KMS key, and a MAC algorithm. The algorithm must be supported by the specified HMAC KMS key. In AWS CLI v2, the value of the ``message`` parameter must be Base64-encoded. Or, you can save the message in a file and use the ``fileb://`` prefix, which tells the AWS CLI to read binary data from the file. Before running this command, replace the example key ID with a valid key ID from your AWS account. The key ID must represent a HMAC KMS key with a key usage of ``GENERATE_VERIFY_MAC``. :: msg=(echo 'Hello World' | base64) aws kms generate-mac \ --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \ --message fileb://Message \ --mac-algorithm HMAC_SHA_384 Output:: { "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", "Mac": "<HMAC_TAG>", "MacAlgorithm": "HMAC_SHA_384" } For more information about using HMAC KMS keys in AWS KMS, see `HMAC keys in AWS KMS <https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html>`__ in the *AWS Key Management Service Developer Guide*. **Example 2: To save an HMAC in a file (Linux and macOs)** The following ``generate-mac`` example generates an HMAC for a short message stored in a local file. The command also gets the ``Mac`` property from the response, Base64-decodes it and saves it in the ExampleMac file. You can use the MAC file in a ``verify-mac`` command that verifies the MAC. The ``generate-mac`` command requires a Base64-encoded message and a MAC algorithm that your HMAC KMS key supports. To get the MAC algorithms that your KMS key supports, use the ``describe-key`` command. Before running this command, replace the example key ID with a valid key ID from your AWS account. The key ID must represent an asymmetric KMS key with a key usage of GENERATE_VERIFY_MAC. :: echo 'hello world' | base64 > EncodedMessage aws kms generate-mac \ --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \ --message fileb://EncodedMessage \ --mac-algorithm HMAC_SHA_384 \ --output text \ --query Mac | base64 --decode > ExampleMac This command produces no output. This example extracts the ``Mac`` property of the output and saves it in a file. For more information about using HMAC KMS keys in AWS KMS, see `HMAC keys in AWS KMS <https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html>`__ in the *AWS Key Management Service Developer Guide*.