in webapp/app/codecompose/__init__.py [0:0]
def build_thisregion_kms_master_key_decryption_provider():
#on AWS Fargate get the region running in
region = os.environ['AWS_REGION']
arn_template = 'arn:aws:kms:{region}:{account_id}:key/{key_id}'
kms=boto3.client('kms', region_name=region)
aliases=kms.list_aliases()['Aliases']
found_alias=next(item for item in aliases if item["AliasName"] == COLUMN_ENCRYPTION_KEY_ALIAS)
key_id=found_alias['TargetKeyId']
# Find your AWS account ID
account_id = boto3.client('sts').get_caller_identity()['Account']
kms_arn=arn_template.format(
region=region,
account_id=account_id,
key_id=key_id
)
# Create AWS KMS master key provider
kms_master_key_provider = aws_encryption_sdk.key_providers.kms.KMSMasterKey(key_id=kms_arn)
return kms_master_key_provider