in webapp/app/codecompose/__init__.py [0:0]
def build_multiregion_kms_master_key_encryption_provider():
regions = (AWS_PRIMARY_REGION,AWS_SECONDARY_REGION)
alias = COLUMN_ENCRYPTION_KEY_ALIAS
arn_template = 'arn:aws:kms:{region}:{account_id}:{alias}'
# Create AWS KMS master key provider
kms_master_key_provider = aws_encryption_sdk.key_providers.kms.KMSMasterKeyProvider()
# Find your AWS account ID
account_id = boto3.client('sts').get_caller_identity()['Account']
# Add the KMS alias in each region to the master key provider
for region in regions:
kms_master_key_provider.add_master_key(arn_template.format(
region=region,
account_id=account_id,
alias=alias
))
return kms_master_key_provider