2019-04-08 15:47:08 -07:00
< ? php
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
2024-01-16 10:41:11 -05:00
2019-04-08 15:47:08 -07:00
/*
* ABOUT THIS PHP SAMPLE: This sample is part of the KMS Developer Guide topic at
* https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html
*
*
*
*/
// snippet-start:[kms.php.create_grant.complete]
// snippet-start:[kms.php.create_grant.import]
require 'vendor/autoload.php' ;
use Aws\Exception\AwsException ;
2024-02-05 10:49:20 -07:00
2019-04-08 15:47:08 -07:00
// snippet-end:[kms.php.create_grant.import]
/**
* Creating an Amazon KMS client.
*
* This code expects that you have AWS credentials set up per:
* https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html
*/
2019-05-05 09:44:48 -07:00
//Create a KmsClient
2019-04-08 15:47:08 -07:00
// snippet-start:[kms.php.create_grant.main]
$KmsClient = new Aws\Kms\KmsClient ([
'profile' => 'default' ,
'version' => '2014-11-01' ,
'region' => 'us-east-2'
]);
$keyId = 'arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab' ;
$granteePrincipal = " arn:aws:iam::111122223333:user/Alice " ;
$operation = [ 'Encrypt' , 'Decrypt' ]; // A list of operations that the grant allows.
try {
$result = $KmsClient -> createGrant ([
'GranteePrincipal' => $granteePrincipal ,
'KeyId' => $keyId ,
'Operations' => $operation
]);
var_dump ( $result );
} catch ( AwsException $e ) {
// output error message if fails
echo $e -> getMessage ();
echo " \n " ;
}
2024-02-05 10:49:20 -07:00
2019-04-08 15:47:08 -07:00
// snippet-end:[kms.php.create_grant.main]
// snippet-end:[kms.php.create_grant.complete]
