Generate a data encryption key for envelope encryption via KMS
kms_generate_data_key(key, bytes = 64L)list of the Base64-encoded encrypted version of the
data encryption key (to be stored on disk), the raw
object of the encryption key and the KMS customer master key used to generate this object
the KMS customer master key identifier as a fully
specified Amazon Resource Name (eg
arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012)
or an alias with the alias/ prefix (eg
alias/foobar)
the required length of the data encryption key in
bytes (so provide eg 64L for a 512-bit key)