go aws csfle (#707)

terakilobyte · web-flow · commit 61c4391b4ae6 · 2020-11-25T07:59:36.000-08:00
* go aws csfle

* pr feedback

Co-authored-by: Nathan Leniz &lt;nathan.leniz@mongodb.com&gt;
diff --git a/source/includes/steps-fle-convert-to-a-remote-master-key-aws.yaml b/source/includes/steps-fle-convert-to-a-remote-master-key-aws.yaml
@@ -134,6 +134,26 @@ content: |
            To use the AWS Key Vault, you must use
            `libmongocrypt <https://github.com/mongodb/libmongocrypt#installing-libmongocrypt-on-windows>`__ version 1.0 or later in your application's environment.
 
+     .. tab::
+        :tabid: go
+
+        In ``kms/provider.go``, update the variable declarations or define the expected environmental variables in
+        ``AWSProvider()``.
+
+        .. code-block:: go
+
+           awsAccessKeyID := GetCheckedEnv("FLE_AWS_ACCESS_KEY")
+           awsSecretAccessKey := GetCheckedEnv("FLE_AWS_SECRET_ACCESS_KEY")
+
+        The expected KMS provider map is created with struct tags.
+
+        .. code-block:: go
+
+           func (a *AWS) Credentials() map[string]map[string]interface{} {
+               return map[string]map[string]interface{}{"aws": structs.Map(a.credentials)}
+           }
+
+
 ---
 title: Create a New Data Encryption Key
 ref: create-a-new-data-key
@@ -293,6 +313,32 @@ content: |
            To use the AWS Key Vault, you must use
            `libmongocrypt <https://github.com/mongodb/libmongocrypt#installing-libmongocrypt-on-windows>`__ version 1.0 or later in your application's environment.
 
+     .. tab::
+        :tabid: go
+
+        In ``kms/provider.go``, update the variable declarations or define the expected environmental variables
+        in ``AWSProvider()``.
+
+        .. code-block:: go
+
+           awsKeyARN := GetCheckedEnv("FLE_AWS_KEY_ARN")
+           awsKeyRegion := GetCheckedEnv("FLE_AWS_KEY_REGION")
+
+        Struct tags are used to pass these values directly to the driver for use. In ``kms/provider.go``
+
+        .. code-block:: go
+
+           func (a *AWS) DataKeyOpts() interface{} {
+               return a.dataKeyOpts
+           }
+
+        In ``csfle/data_key.go``
+
+        .. code-block:: go
+
+           dataKeyOpts := options.DataKey().SetMasterKey(provider.DataKeyOpts())
+           dataKeyID, err := clientEnc.CreateDataKey(context.TODO(), provider.Name(), dataKeyOpts)
+
 ---
 title: Update the Automatic Encryption JSON Schema
 ref: update-the-json-schema
