aws · robin-aws · Apr 28, 2021 · Oct 2, 2020 · Dec 14, 2020 · Dec 22, 2020
@@ -29,6 +29,7 @@ jobs:
           - 3.6
           - 3.7
           - 3.8
+          - 3.9
           - 3.x
         architecture:
           - x64

@@ -41,3 +41,4 @@ venv/
 # Chalice
 */.chalice/deployments
 */.chalice/venv
+/.history
@@ -14,7 +14,7 @@ Bugfix
 
 Features
 --------
-* Updates to the AWS Encryption SDK. bdbf00c
+* Updates to the AWS Encryption SDK. ef90351
 
 Deprecations
 ^^^^^^^^^^^^

@@ -6,7 +6,7 @@ aws-encryption-sdk
    :target: https://pypi.python.org/pypi/aws-encryption-sdk
    :alt: Latest Version
 
-.. image:: https://img.shields.io/pypi/pyversions/aws-encryption-sdk-cli.svg
+.. image:: https://img.shields.io/pypi/pyversions/aws-encryption-sdk.svg
    :target: https://pypi.python.org/pypi/aws-encryption-sdk
    :alt: Supported Python Versions
 
@@ -18,12 +18,6 @@ aws-encryption-sdk
    :target: https://aws-encryption-sdk-python.readthedocs.io/en/stable/
    :alt: Documentation Status
 
-.. image:: https://travis-ci.org/aws/aws-encryption-sdk-python.svg?branch=master
-   :target: https://travis-ci.org/aws/aws-encryption-sdk-python
-
-.. image:: https://ci.appveyor.com/api/projects/status/p3e2e63gsnp3cwd8/branch/master?svg=true
-   :target: https://ci.appveyor.com/project/mattsb42-aws/aws-encryption-sdk-python-qvyet/branch/master
-
 The AWS Encryption SDK for Python provides a fully compliant, native Python implementation of the `AWS Encryption SDK`_.
 
 The latest full documentation can be found at `Read the Docs`_.
@@ -40,7 +34,7 @@ Required Prerequisites
 
 * Python 2.7+ or 3.4+
 * cryptography >= 2.5.0
-* boto3
+* boto3 >= 1.10.0
 * attrs
 
 Installation
@@ -119,7 +113,11 @@ StrictAwsKmsMasterKeyProvider
 A ``StrictAwsKmsMasterKeyProvider`` is configured with an explicit list of AWS KMS
 CMKs with which to encrypt and decrypt data. On encryption, it encrypts the plaintext with all
 configured CMKs. On decryption, it only attempts to decrypt ciphertexts that have been wrapped
-with one of the configured CMKs.
+with a CMK that matches one of the configured CMK ARNs.
+
+To create a ``StrictAwsKmsMasterKeyProvider`` you must provide one or more CMKs. For providers that will only
+be used for encryption, you can use any valid `KMS key identifier`_. For providers that will be used for decryption, you
+must use the key ARN; key ids, alias names, and alias ARNs are not supported.
 
 Because the ``StrictAwsKmsMasterKeyProvider`` uses the `boto3 SDK`_ to interact with `AWS KMS`_,
 it requires AWS Credentials.
@@ -128,7 +126,6 @@ pre-existing instance of a ``botocore session`` to the ``StrictAwsKmsMasterKeyPr
 This latter option can be useful if you have an alternate way to store your AWS credentials or
 you want to reuse an existing instance of a botocore session in order to decrease startup costs.
 
-To create a ``StrictAwsKmsMasterKeyProvider`` you must provide one or more CMKs.
 If you configure the the ``StrictAwsKmsMasterKeyProvider`` with multiple CMKs, the `final message`_
 will include a copy of the data key encrypted by each configured CMK.
 
@@ -312,6 +309,7 @@ to your use-case in order to obtain peak performance.
 .. _GitHub: https://github.com/aws/aws-encryption-sdk-python/
 .. _AWS KMS: https://docs.aws.amazon.com/kms/latest/developerguide/overview.html
 .. _KMS customer master key (CMK): https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys
+.. _KMS key identifier: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id
 .. _boto3 SDK: https://boto3.readthedocs.io/en/latest/
 .. _standard means by which boto3 locates credentials: https://boto3.readthedocs.io/en/latest/guide/configuration.html
 .. _final message: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/message-format.html

@@ -0,0 +1,73 @@
+version: 0.2
+
+batch:
+  fast-fail: false
+  build-list:
+    - identifier: py27_integ
+      buildspec: codebuild/py27/integ.yml
+    - identifier: py27_examples
+      buildspec: codebuild/py27/examples.yml
+    - identifier: py27_awses_1_7_1
+      buildspec: codebuild/py27/awses_1.7.1.yml
+    - identifier: py27_awses_2_0_0
+      buildspec: codebuild/py27/awses_2.0.0.yml
+    - identifier: py27_awses_latest
+      buildspec: codebuild/py27/awses_latest.yml
+
+    - identifier: py35_integ
+      buildspec: codebuild/py35/integ.yml
+    - identifier: py35_examples
+      buildspec: codebuild/py35/examples.yml
+    - identifier: py35_awses_1_7_1
+      buildspec: codebuild/py35/awses_1.7.1.yml
+    - identifier: py35_awses_2_0_0
+      buildspec: codebuild/py35/awses_2.0.0.yml
+    - identifier: py35_awses_latest
+      buildspec: codebuild/py35/awses_latest.yml
+
+    - identifier: py36_integ
+      buildspec: codebuild/py36/integ.yml
+    - identifier: py36_examples
+      buildspec: codebuild/py36/examples.yml
+    - identifier: py36_awses_1_7_1
+      buildspec: codebuild/py36/awses_1.7.1.yml
+    - identifier: py36_awses_2_0_0
+      buildspec: codebuild/py36/awses_2.0.0.yml
+    - identifier: py36_awses_latest
+      buildspec: codebuild/py36/awses_latest.yml
+
+    - identifier: py37_integ
+      buildspec: codebuild/py37/integ.yml
+    - identifier: py37_examples
+      buildspec: codebuild/py37/examples.yml
+    - identifier: py37_awses_1_7_1
+      buildspec: codebuild/py37/awses_1.7.1.yml
+    - identifier: py37_awses_2_0_0
+      buildspec: codebuild/py37/awses_2.0.0.yml
+    - identifier: py37_awses_latest
+      buildspec: codebuild/py37/awses_latest.yml
+
+    - identifier: py38_integ
+      buildspec: codebuild/py38/integ.yml
+    - identifier: py38_examples
+      buildspec: codebuild/py38/examples.yml
+    - identifier: py38_awses_1_7_1
+      buildspec: codebuild/py38/awses_1.7.1.yml
+    - identifier: py38_awses_2_0_0
+      buildspec: codebuild/py38/awses_2.0.0.yml
+    - identifier: py38_awses_latest
+      buildspec: codebuild/py38/awses_latest.yml
+
+    - identifier: py39_integ
+      buildspec: codebuild/py39/integ.yml
+    - identifier: py39_examples
+      buildspec: codebuild/py39/examples.yml
+    - identifier: py39_awses_1_7_1
+      buildspec: codebuild/py39/awses_1.7.1.yml
+    - identifier: py39_awses_2_0_0
+      buildspec: codebuild/py39/awses_2.0.0.yml
+    - identifier: py39_awses_latest
+      buildspec: codebuild/py39/awses_latest.yml
+
+    - identifier: code_coverage
+      buildspec: codebuild/coverage/coverage.yml
@@ -0,0 +1,14 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "coverage"
+
+phases:
+  install:
+    runtime-versions:
+      python: latest
+  build:
+    commands:
+      - pip install tox
+      - tox
@@ -0,0 +1,21 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "py27-awses_1.7.1"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_API_DEPLOYMENT_ID: "xi1mwx3ttb"
+    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_REGION: "us-west-2"
+
+phases:
+  install:
+    runtime-versions:
+      python: latest
+  build:
+    commands:
+      - pip install tox
+      - cd test_vector_handlers
+      - tox
@@ -0,0 +1,21 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "py27-awses_2.0.0"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_API_DEPLOYMENT_ID: "xi1mwx3ttb"
+    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_REGION: "us-west-2"
+
+phases:
+  install:
+    runtime-versions:
+      python: latest
+  build:
+    commands:
+      - pip install tox
+      - cd test_vector_handlers
+      - tox
@@ -0,0 +1,21 @@
+version: 0.2
+
+env:
+  variables:
+    TOXENV: "py27-awses_latest"
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID: >-
+      arn:aws:kms:us-west-2:658956600833:key/b3537ef1-d8dc-4780-9f5a-55776cbb2f7f
+    AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID_2: >-
+      arn:aws:kms:eu-central-1:658956600833:key/75414c93-5285-4b57-99c9-30c1cf0a22c2
+    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_API_DEPLOYMENT_ID: "xi1mwx3ttb"
+    AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_REGION: "us-west-2"
+
+phases:
+  install:
+    runtime-versions:
+      python: latest
+  build:
+    commands:
+      - pip install tox
+      - cd test_vector_handlers
+      - tox
-Original file line number
+Diff line change
@@ Expand Up / @@ -29,6 +29,7 @@ jobs: @@
               - 3.6
               - 3.7
               - 3.8
+              - 3.9
               - 3.x
             architecture:
               - x64
@@ Expand Down @@