From a8ba1bd0d016635417b53876b48e82814fbb6995 Mon Sep 17 00:00:00 2001 From: Ritvik Kapila Date: Wed, 18 Dec 2024 15:56:00 -0800 Subject: [PATCH 1/2] chore(Rust-docs): Update README --- DynamoDbEncryption/runtimes/rust/README.md | 68 +++++-------------- .../runtimes/rust/src/README.md | 52 ++++++++++++++ .../runtimes/rust/start_release.sh | 2 +- 3 files changed, 70 insertions(+), 52 deletions(-) create mode 100644 DynamoDbEncryption/runtimes/rust/src/README.md diff --git a/DynamoDbEncryption/runtimes/rust/README.md b/DynamoDbEncryption/runtimes/rust/README.md index 3244a4cc9..1773293b2 100644 --- a/DynamoDbEncryption/runtimes/rust/README.md +++ b/DynamoDbEncryption/runtimes/rust/README.md @@ -1,64 +1,30 @@ # AWS Database Encryption SDK for DynamoDB -AWS Database Encryption SDK for DynamoDB +[![build status](https://github.com/aws/aws-database-encryption-sdk-dynamodb/actions/workflows/daily_ci.yml/badge.svg?branch=main)](https://github.com/aws/aws-database-encryption-sdk-dynamodb/actions/workflows/daily_ci.yml) +[![crates.io](https://img.shields.io/crates/v/aws-db-esdk.svg)](https://crates.io/crates/aws-db-esdk) +[![docs](https://docs.rs/aws-db-esdk/badge.svg)](https://docs.rs/aws-db-esdk) +[![rustc](https://img.shields.io/badge/rust-1.81%2B-orange.svg)](https://img.shields.io/badge/rust-1.81%2B-orange.svg) -## Using the AWS Database Encryption SDK for DynamoDB for Rust +This is the official [AWS Database Encryption SDK (DB-ESDK) for DynamoDB in Rust](https://crates.io/crates/aws-db-esdk). -The AWS Database Encryption SDK for DynamoDB is available on [Crates.io](https://www.crates.io/). +## [CHANGELOG](https://github.com/aws/aws-database-encryption-sdk-dynamodb/blob/main/CHANGELOG.md) -## Building the AWS Database Encryption SDK for DynamoDB +## Overview -To build, the AWS Database Encryption SDK for DynamoDB requires the most up to date version of [Dafny](https://github.com/dafny-lang/dafny) on your PATH. +The AWS Database Encryption SDK (DB-ESDK) for DynamoDB is a client-side encryption +library that allows you to perform attribute-level encryption, enabling you to encrypt specific +attribute values within items before storing them in your DynamoDB table. All encryption and +decryption are performed within your application. This lets you protect sensitive data in-transit +and at-rest, as data cannot be exposed unless decrypted by your application. -You will also need to ensure that you fetch all submodules using either `git clone --recursive ...` when cloning the repository or `git submodule update --init` on an existing clone. +For more details about the design and architecture of the DB-ESDK for DynamoDB, +see the [AWS Database Encryption SDK Developer Guide](https://docs.aws.amazon.com/database-encryption-sdk/latest/devguide/). -To setup your project to use the AWS Database Encryption SDK for DynamoDB in Rust, run: +## Examples for AWS Database Encryption SDK in Rust -``` -cd DynamoDbEncryption -# Polymorph smithy to Rust -make polymorph_rust -# Transpile Dafny to Rust -make transpile_rust -# Build Project -cd runtimes/rust -cargo build -``` +Please look at the Examples on how to use the AWS Database Encryption SDK in Rust [here](https://github.com/aws/aws-database-encryption-sdk-dynamodb/tree/main/DynamoDbEncryption/runtimes/rust/examples). -### (Optional) Set up the AWS Database Encryption SDK for DynamoDB to work with AWS KMS - -If you set up the AWS Database Encryption SDK for DynamoDB to use the AWS KMS Keyring, -the AWS Database Encryption SDK for DynamoDB will make calls to AWS KMS on your behalf, -using the appropriate AWS SDK. - -However, you must first set up AWS credentials for use with the AWS SDK. - -## Testing the AWS Database Encryption SDK for DynamoDB for Rust - -### Configure AWS credentials - -To run the test suite you must first set up AWS credentials for use with the AWS SDK. -This is required in order to run the integration tests, which use a KMS Keyring against a publicly accessible KMS CMK. - -### Run the tests - -Run the test suite with: - -``` -cd AwsEncryptionSDK -make test_rust -``` - -Run tests on examples, to ensure they are up to date: - -``` -cd AwsEncryptionSDK/runtimes/rust/ -cargo test --examples -``` - -Please look at the Examples on how to use the Encryption SDK in Rust [here](examples). - -Please note that tests and test vectors require internet access and valid AWS credentials, since calls to KMS are made as part of the test workflow. +Please note that some examples MAY require internet access and valid AWS credentials, since calls to KMS are made. ## License diff --git a/DynamoDbEncryption/runtimes/rust/src/README.md b/DynamoDbEncryption/runtimes/rust/src/README.md new file mode 100644 index 000000000..671b0f474 --- /dev/null +++ b/DynamoDbEncryption/runtimes/rust/src/README.md @@ -0,0 +1,52 @@ + +## Building the AWS Database Encryption SDK for DynamoDB + +To build, the AWS Database Encryption SDK for DynamoDB requires the most up to date version of [Dafny](https://github.com/dafny-lang/dafny) on your PATH. + +You will also need to ensure that you fetch all submodules using either `git clone --recursive ...` when cloning the repository or `git submodule update --init` on an existing clone. + +To setup your project to use the AWS Database Encryption SDK for DynamoDB in Rust, run: + +``` +cd DynamoDbEncryption +# Polymorph smithy to Rust +make polymorph_rust +# Transpile Dafny to Rust +make transpile_rust +# Build Project +cd runtimes/rust +cargo build +``` + +### (Optional) Set up the AWS Database Encryption SDK for DynamoDB to work with AWS KMS + +If you set up the AWS Database Encryption SDK for DynamoDB to use the AWS KMS Keyring, +the AWS Database Encryption SDK for DynamoDB will make calls to AWS KMS on your behalf, +using the appropriate AWS SDK. + +However, you must first set up AWS credentials for use with the AWS SDK. + +## Testing the AWS Database Encryption SDK for DynamoDB for Rust + +### Configure AWS credentials + +To run the test suite you must first set up AWS credentials for use with the AWS SDK. +This is required in order to run the integration tests, which use a KMS Keyring against a publicly accessible KMS CMK. + +### Run the tests + +Run the test suite with: + +``` +cd DynamoDbEncryption +make test_rust +``` + +Run tests on examples, to ensure they are up to date: + +``` +cd DynamoDbEncryption/runtimes/rust/ +cargo test --examples +``` + +Please note that tests require internet access and valid AWS credentials, since calls to KMS and DynamoDB are made as part of the workflow. diff --git a/DynamoDbEncryption/runtimes/rust/start_release.sh b/DynamoDbEncryption/runtimes/rust/start_release.sh index d4926e8e9..5a6cc0a7e 100755 --- a/DynamoDbEncryption/runtimes/rust/start_release.sh +++ b/DynamoDbEncryption/runtimes/rust/start_release.sh @@ -43,7 +43,7 @@ cd ../../../releases/rust/db_esdk git checkout dafny_runtime_rust # Remove unnecessary files and directories -rm -rf *~ copy_externs.sh start_release.sh test_published.sh test_examples *.pem RELEASE.md +rm -rf *~ copy_externs.sh start_release.sh test_published.sh test_examples *.pem RELEASE.md src/README.md # Create .gitignore file with specified entries echo Cargo.lock > .gitignore From a2a301bb17da5712f134cd6ef5ad8f24fcdfaad2 Mon Sep 17 00:00:00 2001 From: Ritvik Kapila Date: Wed, 18 Dec 2024 16:05:30 -0800 Subject: [PATCH 2/2] m --- DynamoDbEncryption/runtimes/rust/src/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/DynamoDbEncryption/runtimes/rust/src/README.md b/DynamoDbEncryption/runtimes/rust/src/README.md index 671b0f474..9e2235750 100644 --- a/DynamoDbEncryption/runtimes/rust/src/README.md +++ b/DynamoDbEncryption/runtimes/rust/src/README.md @@ -1,4 +1,3 @@ - ## Building the AWS Database Encryption SDK for DynamoDB To build, the AWS Database Encryption SDK for DynamoDB requires the most up to date version of [Dafny](https://github.com/dafny-lang/dafny) on your PATH.