Public | Automated Build

Last pushed: 2 months ago
Short Description
Nodejs command-line client for AWS KMS
Full Description

Command-line client for AWS KMS

Install as nodejs module (global)

$ npm install kms-cli -g

Install as a docker executable container

Please see this project:

Setup Environment variables

Pick the AWS Region your KMS key is accessible in, and export your Access Key ID and Secret Access Keys as environment variables for the script to work. Get those secrets off the AWS console.

Use this (preferred), if you have aws profiles set up in your ~/.aws/credentials file

export AWS_REGION=<region ex: us-east-1>
export AWS_PROFILE=< profile_name ex: work-profile>

Otherwise set the env variables explicitly

export AWS_REGION=<region ex: us-east-1>
export AWS_ACCESS_KEY_ID=<your access key id>
export AWS_SECRET_ACCESS_KEY=<your secret access key id>


$ kms-cli --help

Implemented Features


  1. Using inputs directly from commandline
    kms-cli encrypt -k my_kms_key_id --pt 'My plain text'
  2. Using inputs from a json formatted file

    kms-cli encrypt --file /path/my-input-file.json

    Json file format:

     "keyId" : "xxx-xxxx-xxxx-xxxx",
     "plainText": "my secret",
     "awsRegion": "us-east-1", // optional
     "awsProfile": "default" // optional


    kms-cli decrypt  --ct 'My encrypted cipher text'

    Describe Key

    kms-cli describe  -k my_kms_key_id


MIT © Deb Das

Docker Pull Command
Source Repository